alkoora.livehd72.live Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://livehd7.cc/
Effective URL:
https://alkoora.livehd72.live/m/
Submission: On October 06 via api (October 6th 2023, 7:05:17 am UTC) from TW — Scanned from DE

Summary HTTP 312 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 25 domains to perform 312 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is alkoora.livehd72.live.
TLS certificate: Issued by GTS CA 1P5 on August 31st 2023. Valid for: 3 months.

This is the only time alkoora.livehd72.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	2606:4700:20:... 2606:4700:20::ac43:46b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15 76	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
60	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
33	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:21f... 2600:9000:21f3:200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
2 4	63.32.14.94 63.32.14.94	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
11 14	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
6 12	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 12	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
16	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
6	2600:9000:21f... 2600:9000:21f3:0:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:1f13:800... 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2	63.33.100.143 63.33.100.143	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2250:8200:5:98ca:e7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	52.209.50.140 52.209.50.140	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:249... 2600:9000:2491:a400:f:7bbd:36c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:3c00:1:5992:c8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
312	41

1 2606:4700:20::681a:702 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

livehd7.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:46b6 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

w.livehd7.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live.livehd7.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3120::3 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

kora.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
star.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alkora.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alkoora.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 2a06:98c1:3121::3 (United States) 15 redirects

ASN13335 (CLOUDFLARENET, US)

alkoora.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kora.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
star.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alkora.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.livehd77.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

play.livehd72.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.32.14.94 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-14-94.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.181.226 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.27.193 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.171.85 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:0:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:8200:5:98ca:e7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

creative-libraries.lemonpi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.209.50.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

content.lemonpi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.lemonpi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2491:a400:f:7bbd:36c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.lemonpi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:3c00:1:5992:c8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

image.lemonpi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	975 KB
83	livehd72.live 20 redirects kora.livehd72.live star.livehd72.live alkora.livehd72.live alkoora.livehd72.live play.livehd72.live m.livehd72.live	688 KB
35	doubleclick.net 12 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	211 KB
24	lemonpi.io creative-libraries.lemonpi.io — Cisco Umbrella Rank: 18934 content.lemonpi.io — Cisco Umbrella Rank: 15773 log.lemonpi.io — Cisco Umbrella Rank: 15908 assets.lemonpi.io — Cisco Umbrella Rank: 21091 image.lemonpi.io — Cisco Umbrella Rank: 22990	4 MB
24	adform.net track.adform.net — Cisco Umbrella Rank: 4131 s1.adform.net — Cisco Umbrella Rank: 9659	548 KB
21	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1153 static.adsafeprotected.com — Cisco Umbrella Rank: 720 dt.adsafeprotected.com — Cisco Umbrella Rank: 658	233 KB
12	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	9 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	6 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	172 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	75 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	411 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	156 KB
7	livehd7.cc 7 redirects livehd7.cc w.livehd7.cc live.livehd7.cc	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	298 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9209 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15658 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275	57 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	606 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250 www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	675 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1584	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 547	400 B
2	google.de www.google.de — Cisco Umbrella Rank: 6147	515 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2167	581 B
1	livehd77.cc 1 redirects m.livehd77.cc	476 B
312	25

	Domain	Requested by
60	alkoora.livehd72.live	1 redirects alkoora.livehd72.live
53	pagead2.googlesyndication.com	alkoora.livehd72.live pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
33	tpc.googlesyndication.com	googleads.g.doubleclick.net alkoora.livehd72.live tpc.googlesyndication.com pagead2.googlesyndication.com
19	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net alkoora.livehd72.live
16	s1.adform.net	track.adform.net s1.adform.net alkoora.livehd72.live
14	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net
12	ib.adnxs.com	9 redirects googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
11	dt.adsafeprotected.com	googleads.g.doubleclick.net
11	alkora.livehd72.live	8 redirects alkoora.livehd72.live
8	content.lemonpi.io	creative-libraries.lemonpi.io
8	track.adform.net	alkoora.livehd72.live s1.adform.net
8	static.criteo.net	ads.eu.criteo.com
7	www.googletagservices.com	googleads.g.doubleclick.net alkoora.livehd72.live
7	fonts.gstatic.com	fonts.googleapis.com alkoora.livehd72.live
7	cdnjs.cloudflare.com	alkoora.livehd72.live ads.eu.criteo.com s1.adform.net
6	image.lemonpi.io
6	assets.lemonpi.io
6	static.adsafeprotected.com	googleads.g.doubleclick.net
5	star.livehd72.live	5 redirects
4	fw.adsafeprotected.com	2 redirects alkoora.livehd72.live googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	live.livehd7.cc	4 redirects
4	www.googletagmanager.com	alkoora.livehd72.live www.googletagmanager.com
4	kora.livehd72.live	4 redirects
3	fonts.googleapis.com	alkoora.livehd72.live googleads.g.doubleclick.net
2	log.lemonpi.io	creative-libraries.lemonpi.io
2	creative-libraries.lemonpi.io	s1.adform.net
2	beacon.krxd.net	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.googleadservices.com	alkoora.livehd72.live
2	www.google.com	alkoora.livehd72.live tpc.googlesyndication.com
2	www.google.de	alkoora.livehd72.live
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	play.livehd72.live	1 redirects alkoora.livehd72.live
2	w.livehd7.cc	2 redirects
1	csm.eu.criteo.net	ads.eu.criteo.com
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	m.livehd77.cc	1 redirects
1	m.livehd72.live	1 redirects
1	livehd7.cc	1 redirects
312	50

This site contains links to these domains. Also see Links.

Domain
alkora.livehd72.live
koooralive.online
kora.yalla-live.live
kora.livehd72.live
www.lives-koora.com
play.livehd72.live
www.livehd7.day

Subject Issuer	Validity	Valid
livehd72.live GTS CA 1P5	`2023-08-31` - `2023-11-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.lemonpi.io Amazon RSA 2048 M02	`2023-06-18` - `2024-07-16`	a year	crt.sh
create.choreograph.com Amazon RSA 2048 M02	`2023-05-12` - `2024-06-09`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://alkoora.livehd72.live/m/
Frame ID: 3F43494DFD2F1177F404660F0B1F6960
Requests: 101 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: DB0AB653C04031FF1B9CB639F91E9F6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&adk=1812271804&adf=3025194257&lmt=1696568712&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x810_r&format=0x0&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912488&bpp=3&bdt=678&idt=317&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=335913105674&frm=20&pv=2&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=382
Frame ID: 9497EE3065DCF373F9DB21E90201C5FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395
Frame ID: D170EB188EF193900DDEBAC365ABB0A5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=3972443666&adf=3315005860&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=438&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=5&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WUZ94tHKdB&p=https%3A//alkoora.livehd72.live&dtd=443
Frame ID: 1604734D6FD171AC1753C11728D85E67
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Frame ID: 9CE506A4182ED16D4F2A59B34EFF405D
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR-xqQAAzJcGrReeAAsYDs95OLhCvO1cD0aqtQ&u=%7ClLdtP95kakDMkMRRmZk%2FMfpQ4QvKHgB07ZNJma7yvQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860e_9IV0S2gFP06EEBzfwu4ZpL8qMB6If6kCVlfQ4tbd-dBdNulPSd_DW2SnsRxTv7lxiAS88V1gwiQJ3C4mZ98WbpHYdQKP-A4PWzJDiwARVH_pf0Xx1GdSWlbx369gJfJtIqp6hEb7j6fHlZvuSY6AgBWGQtcBTwkx9Qv0s7b_nMxL05pY2qQfCzfOs8BGAVhkY60VpCv1DuSmQvxkGeQXr_SwZwLc4P-voCYDHa8srvEa3RZiWIG2MAkYhRZQwfKM4w5L-anibA3UdRyLkYF8xvNRE57OfDb63XQsml7TWKlaWK_WAApBs0OALJwBG8_Pvz9bz2UCUAbckkWqUCBI6TAeHyf8MA_5miASL8X3Ga9K1dP33g1-h2Ux4ckm4g3UZPvq0SsTNhXurfTvsJfTwqMV4d8NSWZA3NlIyqeHiCxHBG1PTgEZmyNiY97RKvOMiYKQOfwuOFiKAdIniNtMDjw71q76ZAGl88IcpQiWQwI8RFdXRidD13iqrGXPd2pNmPASQp-BXBB3tIExmtQQ8YeT2OAVeE0y3dvfo7YBLEsHjXH6gm4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMIAkqbEfZZeZA56vtOUPjrCssAPJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAh1YeZ02r7E-qAMByAMCqgSFAk_Qg0Xz7CWFC9hU6tmRgwfAY23KdtWvp-pzpZBH_44VDdYArLiHckCKYb7kWmcYEG9C_oE55BW4TINtp4DFNduRgB0pqR4_5QRUtWpDF5CEzJUpsE3Z63-7wl7vHpjg187TcfRC0jlIQ4CR44hUGKsshjXWAb7QOSvty4-Dl-I4mBmN9M5qhkwvs8Dl8IHGikYhjijP4ykt3ql9W4CdoeSlftV7JUaIYgL9ecKzoaDwa7XJg7jLWDmgRSMYEhokiS0L0G-2jyid4-skJj9C2loxX-MAyYSxuV2CQLKkakTyjBfm0H42VhufjwKKuEfA1eZenIIskD4HDcGY349xEPeg8Wo2boAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0soWd6Jfanv6CYp6zhLXkKz7hLRQ%26client%3Dca-pub-6113467694901384%26adurl%3D
Frame ID: ECB1691BC01353F68551D5ABE535EEEC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7EC9B7F73799A529BD1F922961998F4A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: AA3760DC5BC049F4ADCE0CB98857C763
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: DF1922F3416F1DD1DB41F7745D22212D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: DD614C695B062E5D079263A9888A8A9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUce1x7RsL_PwtkoS6UAJuWSV7k_jWm1ytIPfINArTQBX0VG8I4qrvdxrf4BYxd58qIwUF1RL6EuDbz-l0_2R1_t9sPXfe2ALcWfl1-_stYIy8XFUTmhQj8o8iYDj_ugBzXKi7tT0q_sln5yi0tM-nBM9rgRrNqtJaGTWQoFidGG9OPGIo
Frame ID: 7D7AE293F833CEA91A0C0FEA960A29DD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 477762345C24C5E35B7501AED94DBDAB
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUQOeUx_Wn7cvtL79r644Q-IC6HCK5Z91gyUhYyheQAttYIKVtK3UwJg64TNN1frfcp844H078tbLBWXkkImZ-FNhbM_3N3zQXnFEqdGxydKfqB8IHO8_6aMrCU3Gqz5bYtLSFy9OhyisbYPd8pyuGPl64zjOB2yD9eAD3G-9IdadqKJNg
Frame ID: A085029C9F7DFEF0261881F34CE56717
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 525BA09A634CA99F067BB21A749A6E61
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNUvw-cCDyUTPAvdoyonOFSZJ7bHhjua4N99FtPl5IMxtPPXErcCN0PtSC5MVOb2DI2fkgOdjiciMNrmeZ0YimnzBW_zT07u49YPkIuz1hwpjAB5ehmJZaVKHz8iR5TMAGJbjtaT8b--_AyToXSyVvvbBFS15d_qFoPL-wmSzDs7vB8hSrk
Frame ID: 6836CBF8794B85B0A88811C0325E0C1D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 89459F444F3E380125EBB3602F3A244C
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Frame ID: CD7429FDECEFA1EC22C9F679E9C695F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: BC9A2DFE4B8388D8464062B3711DC6FA
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Frame ID: 227B69C895A981A4A1C1B138E4C99DA5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2575D3C1CB2A3A6308D3D80C0E00B47B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjLydzgATAB&v=APEucNWs9NKh7F1FvkAP2lhL1l7k-H4vfQHRALDR5lTgptSQLqj2wwFuil4BEcdKkX4ABAhbeYtwD3vlsFGk1ketqGqxPb8r6uUVYKCbSswSk7I0-wz_Xv-_hD3-7klgXJ9vjqgT0wL--D_JAEDBENUlQ23v1cqJUEywwcbHSjT-9P2jIKILen4
Frame ID: DAAA1F19F5770E0A2447E5D9A1ECD8B0
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 971E8566C12F2D1F3891AEF442AFF7D9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA55D55633D00C6D795BE60A40125DAF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 24395D5E2B5287FE1AD0085ABADD13D8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D12C442D8E738720A56B3A884D4ED8E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7160A2B82364CC615EF7F4C4046E1013
Requests: 3 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/13489147.js?ADFassetID=13489147&bv=258
Frame ID: 9848EF01DC578D3910057E6C63A4206A
Requests: 19 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/13489147.js?ADFassetID=13489147&bv=258
Frame ID: 7C802BD5946712684DB652D73EA3934D
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DDECF6252351A43D696C460C09E13EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F59F11B779F616462BAEF7896892F1C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الاسطورة لبث المباريات livehd7

Page URL History Show full URLs

http://livehd7.cc/ HTTP 301
https://w.livehd7.cc/ HTTP 301
https://kora.livehd72.live/ HTTP 301
https://star.livehd72.live/ HTTP 301
https://alkora.livehd72.live/ HTTP 301
https://alkoora.livehd72.live/ HTTP 301
https://alkoora.livehd72.live/m/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

312
Requests

91 %
HTTPS

71 %
IPv6

25
Domains

50
Subdomains

41
IPs

7
Countries

8396 kB
Transfer

15182 kB
Size

19
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://alkora.livehd72.live/
Title: الاسطورة

Search URL Search Domain Scan URL

URL: https://koooralive.online/
Title: كورة لايف

Search URL Search Domain Scan URL

URL: https://kora.yalla-live.live/
Title: يلا لايف

Search URL Search Domain Scan URL

URL: https://kora.livehd72.live/
Title: livehd7

Search URL Search Domain Scan URL

URL: https://www.lives-koora.com/
Title: كورة لايف

Search URL Search Domain Scan URL

URL: https://play.livehd72.live/
Title: livehd7

Search URL Search Domain Scan URL

URL: https://www.livehd7.day/
Title: الاسطورة

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://livehd7.cc/ HTTP 301
https://w.livehd7.cc/ HTTP 301
https://kora.livehd72.live/ HTTP 301
https://star.livehd72.live/ HTTP 301
https://alkora.livehd72.live/ HTTP 301
https://alkoora.livehd72.live/ HTTP 301
https://alkoora.livehd72.live/m/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://m.livehd72.live/wp-content/uploads/2023/06/12790.png HTTP 301
https://kora.livehd72.live/wp-content/uploads/2023/06/12790.png HTTP 301
https://star.livehd72.live/wp-content/uploads/2023/06/12790.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2023/06/12790.png

Request Chain 19

https://alkora.livehd72.live/wp-content/uploads/2023/09/1683.png HTTP 301
https://alkoora.livehd72.live/wp-content/uploads/2023/09/1683.png

Request Chain 20

https://alkora.livehd72.live/wp-content/uploads/2023/09/10.png HTTP 301
https://alkoora.livehd72.live/wp-content/uploads/2023/09/10.png

Request Chain 31

https://live.livehd7.cc/wp-content/uploads/2022/10/535.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2022/10/535.png HTTP 301
https://alkoora.livehd72.live/wp-content/uploads/2022/10/535.png

Request Chain 34

https://m.livehd77.cc/wp-content/uploads/2023/04/12630.png HTTP 301
https://kora.livehd72.live/wp-content/uploads/2023/04/12630.png HTTP 301
https://star.livehd72.live/wp-content/uploads/2023/04/12630.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2023/04/12630.png HTTP 301
https://alkoora.livehd72.live/wp-content/uploads/2023/04/12630.png

Request Chain 39

https://live.livehd7.cc/wp-content/uploads/2022/10/13.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2022/10/13.png

Request Chain 45

https://live.livehd7.cc/wp-content/uploads/2022/10/133.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2022/10/133.png HTTP 301
https://alkoora.livehd72.live/wp-content/uploads/2022/10/133.png

Request Chain 50

https://play.livehd72.live/wp-content/uploads/2023/08/270.png HTTP 301
https://star.livehd72.live/wp-content/uploads/2023/08/270.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2023/08/270.png

Request Chain 53

https://w.livehd7.cc/wp-content/uploads/2023/01/164.png HTTP 301
https://kora.livehd72.live/wp-content/uploads/2023/01/164.png HTTP 301
https://star.livehd72.live/wp-content/uploads/2023/01/164.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2023/01/164.png HTTP 301
https://alkoora.livehd72.live/wp-content/uploads/2023/01/164.png

Request Chain 54

https://live.livehd7.cc/wp-content/uploads/2022/10/297.png HTTP 301
https://alkora.livehd72.live/wp-content/uploads/2022/10/297.png HTTP 301
https://alkoora.livehd72.live/wp-content/uploads/2022/10/297.png

Request Chain 167

https://googleads.g.doubleclick.net/pagead/adview?ai=CU_oRqbEfZeULoKSL1g_1zL_4DNOE8LFz56HbmvQRv-iivcABEAEg_oO6JWCVwqaCsAegAcfw440DyAEJqQLhi7zj7a-xPqgDAcgDywSqBNcBT9Dh7B4qqHOZooGElDvtAdJH7hW4iOpkTfBuHn9snyrHRvLJ1qqq70MhNB1BjDiXxTcCHamKEoFNLAK6zFHclCQQYH-l7sUaRJV80E9qmjiNX9w8-wWNeM8ZNkyLoj40fSwqHSQEkhS4PsH3vhgQosoY7YVw4ywJSaH8Q0zjKpCXaBI1dg4qpg4W45CPHDMXfdnr3a8rSwoslMcqcCGdqsdEO1xBaFlmx7tsvLBJxSEhhN0Cc65-s83C0MsQ8KHnGgEsV65IPIvoOQhdEby0aO4Yq_w3h9HABL77tvPABIgFt9KJ3UySBQQIBBgBkgUECAUYBKAGLoAHz4CjcqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIHuDdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCWVodHRwczovL3d3dy5tYXpkYS1hdXRvaGF1cy1sZW56LW9lbGRlLXN0cm9tYmVyZy5kZS9zZXJ2aWNlL3dlcmtzdGF0dC9ha3R1ZWxsZS1ha3Rpb25lbi9oZXJic3RhbmdlYm90ZYAKAcgLAbgT5APYEw6IFAHQFQGAFwGyFxwKGggAEhRwdWItNjExMzQ2NzY5NDkwMTM4NBgA&sigh=PkWING_vLpQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaN1Um7VK3-D_Oo6RhUVVqvwQYuRYLcfPdDRjF8-G27wi3788CbbC41G7gvNkSAGaXyobrYx6E5TaA09Eu2SIpoQKAOxxVyxpEYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212181968678252846738%22,%22debug_reporting%22:true,%22destination%22:%22https://mazda-autohaus-lenz-oelde-stromberg.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22834205767%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215091937338321955361%22}&andc=true

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR.xqmcgXYsW1xODJOAKYwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7rfLXHE7aH-dOYOkpltD4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR.xqmcgXYsW1xODJOAKYwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7rfLXHE7aH-dOYOkpltD4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NDUzNzIzNTI4MzY2NTg1NQ%3D%3D

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1

Request Chain 188

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR.xqmcgXYsW1xODJOAKYwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7rfLXHE7aH-dOYOkpltD4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

Request Chain 190

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D

Request Chain 212

https://fw.adsafeprotected.com/rfw/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-AIFOjgM7JnC1qvUbc5jQpXPQX2iEggOzwg-chhXPQezZZuUPdNupAm7Lii7HOB6622MTYXeFHKpAKVEJr0omYh-nuMF6tt-CdIT0LY3oWF2ZetIklAzRN6NEx_9v21hArao2nWYXM8wzEkO1o4mhQBhhhiAnQd-1lCBWqjSFy1qyndbjESyRYAoCZ_4OTutSfcH6rBDNneDODDJ8LA3GhuYwp8fSyBU5MqmsQBYbYoao2xxB8d9sWenATZ30eHF9HLAwqnPlVHmdMRlTpDdlizl6kBZfj9q7n8LQh3WtP2dnBrvPFEFHLkT10zna6Wy1BJVlrMEgg6vwk3HNPZ0EoSiAzTU57-gLNDCW3MtQluZz28BizpmocBfquHNRrwdif7vjU0LBp01DFXEBw8-dKPQbQL47ZzpmK7341k3_lxKY8bG0_BVbolIqZZvHhS5CxlajLxWB4RAzOn2qpe5wWAm97gpiVQhEjBuluqf3eruBFmH9L45-tTpAZeVLI0WzDxPcrGdDXVIQLhmJL2WUT1gLZhrf63VeKX5uc0VM4To-AtHKJsrdBNmjO_bHNckxFMhkd-ThUVmTRP3mqB5QMEe2TMqaDky6_duNFI5b8cR6bfpyrSWaT5hHXXgMUxl4DzcxnMJoBuk6gmZW5m9TcUO5ZaxrZfYMdlKO1OAdk2HaV9FX23CFPp3F8IO8D7-TwqN53_iA6Gbgz2yZjNP62DAdP2UOE6THDcW3ku6_e62z0_59RhRi6dxivuMDinUhWe07PzDpCdR53NzEr5v2iO5jA_-savuqyn7o9TXsC4wfqf2-8rSLbo5a7yuY11q7P61bE-EmWU9B8u4gU3uOoUH_P30dsqQE6wKY4dGhFhsmZWX7a8ewiJwtruiqiH61CfixjyGRsB0W0YTm-4_tNT3K1ZNMpPXVMgx_dGECX272Wpv1Zfy2cfCqRbA_SyfyTolSO1VL4Uud17y16_A5NsfGJ_symEnqj4eO_chVB8D7QhgQ1gaZTwl50sUHhFF2qQZHX9ojBLUa0w6wJimhKjkMALujeuZJNyf71tK2Ptdn2zgqk_IUIq5O3FWmB3W9idy-X-EjwlVAHsKrcsQI_jEwU5pJn3clwwxQL8VCVybaLfTNDuDtvEs_VSpJqncfyV76l7bqZxQwynXVM224Ek271GALuVtR8FZ9Q9y7MXXqRY6aqVDzWt3hCUX42xJsRz6AA12cwfiFO6xvTHCvahtqjJ6xi9Xc9dQrET5HDM92GUXE9QltuPlEGlpBdGF2mV5jJ65CvY4oflYGJGPAfFxRgHX-MdSyzu8YsZfLm7o3aUMzONiXHPnCNVkJfvv1_94BM0tiutz_t0gxW-iNXw9SvzoshdsLVzMkzejF8KVdJ1z1CCyNrHNhk_wKmTriGJCr4gm0vIN0dsgaVQzHCoYZ8NyDeTMNn-MNEyF_XA99kYJeqgsqfEqn24Xf9HYxhXkKb6fWAc_cxEaA-rnhN3C7a3nn1zJzUj31HOt6dTylylvxCqQch3Z3ukxlYGdS-dAuSpl_LmoGGBC419qtDcGJP-GtMnsFoj5DWfW7ujmDYioesd3UbVqn5AVR6HvvIa3AadmegBgS8JjU1HJ5lqf4N099gdwhBELPEzxK1S1R6T7Ee4mTkU8vPOuu6657UaauY8azT6oKEFpsTQRIe1ux3DYmmCBLNA6aOMgeLMrbkqW_S1W1ya2ysJFh0s-kbiLISoIxcRCUgXD8OyDs2eaWZH_Inpd1jJ1Oc7nquCnejrzWVD4-5w0c0mN_Ykw-DrmEucDObYULZzvkxRsCN-N3F72tb6hIXRfSx_c5bPNOs0oMqlrcRIXM6maplgO0ma5BitQJBw7FlGJgRQFQCL1eLd8PlDndJJ8AREtREB7M7SmUzoh6xtkaZVPZiv_jop2rJzXnOX2VdPnC6zzlIfVIerP8XCb7-P6Sgt2NN70axQN7P9jqxp91BC15m4meIRdKq3IkzIegTNyE52i1IH5T_t0Vx8NwAVpDnEXWnfa6CVOYWGhas8EUcCz-_X6VvYkvj7jHvTMPv1GmDTGE_5TVQd8QJo1oQ3_8UF-GmEo3yxpMFnG8i216_eBByeAWjfij-QLtuToOxWOwA8ky9yFsr9-V4zmiwuHUNrktAVu7Q3iCQC8OlP4_vE3brEJjtOJoxiQ97SsmbByFnwaVMjZSkNXn47sVqUmss2Hj29tuYd584s90rkWwYbTer_BZy4VmL5vASosKsoI8Mw8XJOekxLqzhiR3YfJAtdIRwgoEqOlJAhZZQL6GlNjnSgfc3jYEexRnVfh7V6WU7l4NF71KWw_-RBGrPqikRp_kdeX8C9OswkN_-yvpfEaHBsNUKNz7SDTAdnZJAmyIL_o6_1GHFr4Da7c6kzt9vMhrvauTsWGKBgI6xK0pThcIqBBiw47eC3WwunojjrZ8uUHpccz15y9pghJ2OS4ZsMTQDK_xtlnKgilS0yQdyZFQ0lsyVe0li6Skwk-N9z-pfKRmid-bpYl49HEnMLD8Ss_Qmo2CQwHdmmyFEwPjlwGc-VNydb91I0ab3y2jAWVn9F1pSCruxPFeTciCAg24XAdnfGEXbkwMY2hml5atZqtxWB2gezDsUkmEoxvF00SGZU-l1ED15DHjkEgFS-XV25Wo8Q1XX5t1N9jnKM5eqi8Zg0m2RNWm6fvT5aIVnF7aQvLZE9uh4v9ZFqHtF6us2wCDAL45ZYTFt68MaIcJ-xtOgaR4V53vezIRvzv16i0jBl7mTbjqzkXEYXQ-h91dMtYqU7dOv3Eaer1ssLwlHzhUkw6QjANsobYGIem2iqatT5hfog_u1vp9UE8Z8xofpgNrTXyv21oUjkEdje2c1IwoLdxelsBZJLhYqzB6nIH7atWGTgBErPsHCAGiFkW3NruoIaDuN4QRwsa-WDKjpk51TNwHFt-UiXiL3ijV_R4dAFPOQ_rhCkR6nDMCDj7j9Lc6wNmdhXPIlLaztJxDjIUmuxqJtgFmY4hrDY_vyIOsAj8JReSCtyzSboLR3iMdDkLsdeBz9wtrLJ4QdvnKTxBT-qy5io8PdGMsfVRb1Hcyhp9ju4fdPUCdiJi7cvohpp9IPtg32nfgxx_hAgWxCQKgCUnoNqxCiNqq6Mti7v_QWD3fNQJUK2EdbVxYKcqlSCkQE-5Jgx-SQU4MtjKiN4aj-b3HsJsQ-Tl3DfEgj_jrgjdzJ_UdSk4AwnVJ6vgh_gpJLoNxj62bMS6r9MoDSdGxfmDKwKT4modw_0VR9dhRivkYmcguo7zJAHWxWZg4BdYr5dc270JaBk2Y_TMaTb1JQWSPKZ8IlnxYx-17Dcwn04dgDyeTYgJUhotlSyvY42p48H_KylWaj4XW7VTvq4roeIRW6rj0UDl_Z3jL_zzNAYwjzA0K0jmBCZm-XbXOQ3YqDnm-xIGS4KPRrIPEYv_kgwLRgqHrr3erHNAUvLc7jGUstvt_7KGhWmgZjmkrFzGAcYcTgbNalyZQcdL_CciJu8nmhGehnCIXAXhcWheiAucIq5-xsaW6Zem_aTS5wHmu4T32SOMsLvVn0okOzHjLQtACSXdfktCHAPWFQiKhO-9KKBqV4Q6XruyjwUK1fPG0sToVRVdVwcIVxETnaj7PRTRwu_TCGZZId5GJR9RSYdhAYFYhXUWF_OqvL07OZDRIxScWLfqVnqO9fN6mGGgbCoXaXbXXqSlnnU_1y852D_pVkcw7IjCiELUw_VgDm-sR6AO3UqYwIhhRu2u6bQIWjiHBoj40E-t6LFhEHQtrmjeXuLX1erErsMeYx8TwgJsvDVc92YKKQivXeFe_du3b4bN0PMoN0ekzAgd2YUXimuSdsnZ2_OANpAgWc72_QXrfpK1rzFExe4K_GkChhX0HJNlKNsSUSjUW31tfMHuyfpsSlsG7UOBUZ814cPw_Y5bGr5OajWAuZKiQqFnZ9Dy1jpnqSipj-_dzclVeoAUAo7YTJqpFiEoOeoNc_2J8YwtoRarmopSFIcJj2w76AqXuBndz8aUQgEEksAyAmmjf6BqQpLPyrZkUIx2c7X99EoluhpU-tSeDyKFu-q9pITHVSOU-_GnYuOJ7BZEZ1MPmtBjSBK-avvzQStS2-1NOSemOraFKkYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-6113467694901384&ias_chanId=1&ias_placementId=20123185343&bidurl=https://alkoora.livehd72.live/m/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jreJfxF1XB6iUvhxLCmXai&adsafe_url=https%3A%2F%2Falkoora.livehd72.live&adsafe_type=g&adsafe_url=https%3A%2F%2Falkoora.livehd72.live%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271802%26client%3Dca-pub-6113467694901384%26fa%3D2%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26xpc%3DCxROEXB520%26p%3Dhttps%253A%2F%2Falkoora.livehd72.live&adsafe_type=be&adsafe_jsinfo=,id:c41cc067-3020-bb78-b8a4-34f7af810b01,c:qfuh8R,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-b4brn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tRT5DBk+11%7C12%7C131%7C141%7C151%7C1611%7C1711%7C1712%7C1811%7C191*.1474271-71242846%7C1911,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:b281243d-6416-11ee-a2de-ae1008ffa1af,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvJwpSRdkjLRAvQLV44R68&google_cver=1

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJ1iRVTuDw0OAtG1K--zbHc&google_cver=1

Request Chain 237

https://fw.adsafeprotected.com/rfw/bgd/1135760/69474498/xbbe/creative/adj?p=APEucNWkSb9LFsydZyzqmdFr8WWj2bz7lZI1qfFuOiHR59jP-HS5H2I&d=CokBAKAmf-AFOmkzfOu59gR0jiE9IxJ_G8oGbOLLQTbajPBxIHky2k9Ma4qcA3esTpC7Gau8xJXqbYmtdaigZW5JRIiv68EAFXxFlDjBOTpgtDA2YFEbU0J2eL2ZZ55UoKVxAJRAN9MQadevwFWDFX3zFsteFKla2qFtTOIp4sFzaPHpXtSieu0aPvcS2RUAoCZ_4PnzkanqGCvqtOncBLVDoQMtA8iDJY_uAbz4FzOxYbk-DU9iA-Ex24KQwUFAGoWoYaAXqd83fCumg44IXobzPdKT4TVLBV83Mu4iQr9lXkxeJWH8ZUQNG_aPNm2aLqEwNlOBmjgyY7VjM8Kk7TFC16ocKLLqTrnA3t7BOgIzq0U7d-Iq4BU5eJe4ayrmblQus_IJgID25zZ5jA8dtfVUx7fQYaLOzMxwRB0YaqHcsMpWelN-Po55Oy9a6L72xAfdnm83oi0rDx8J9lQLhnWsi2sE8-afcxLsUM3rshrkzwycXzYiTP1rqTVNDah8Rh0zRT73VOvwyi_rSRHVKW5K2Y5JUQin5HTfHTEtaLRcgoRp3RI4yVhDqgs1DmX6XHFnhvdZAT1AVzrsXh2XGHQeZavMuW5VsDLz3YBu-NWNkOIDvhV1qTMKWdDqWrK6gQmYgeBikS9J0VZvhv9y4r2c8c2iR5L4loHETwCdZgMpib62pT7Kxu5y82buY08oEBnFpT2WpD1VuQy8LoWMImCWbu4PjvO8Lbir7Ci57LtdnL0aRhktkKUD-AFM4sBzX9qBsI1fyUt1ibgn8fR5c7XmZ9wpuV_4kvYy7qR1zGyA8mb-wHNBbxnzMsIEDjwNXOmI4wjvVjer0AHsWE7HqE3CU3dsP9a62f9BMUh4g8pKO1dyLbGrgxSbKp9OUsDR3SFoz71vTEg2qFXqkZwzkYxXoEPqPtaHylF2KbVsXdl625c9KNkdjMYOgngv0K9BXup_FPr9sJeq5RU9d2qBmqv8LxO1BOCN6O23owLN6_gCw7qdjfWdyHKVEBeUGnoRU8s_l-ZiPTTUqgrcWyQLRPKWJuqZ17ii7hQyrY-UAZ1dABLdTkqW7hpp3kMuX8HmtOzMvpfLebwOvw-BwPg_7QjgtNfQXoakQTmSCYBnWtiAQy7oJOYZnOGjWxDnpJc_NjJ5IeByIPiLUdKgS-k3Ww6mA6EKkNNqFA0am5PYptNQlPaJyNYb31i4qvx1LtpFWaFXjQt5rGkO3hVfURwfq7RGSxijdSTDQ49qARJSEhIdfPxlmpXPhYuHuK6z_K8HJ6EbT5G-OBQ-50yTmW2a4Ohcpv0yHuME5ergftOTlsOCHy5FpF6T186WqRXX16txN2ctPESVNUCR2knCQtkR_Ik9Ho8cFLxuEhmLABOx5IxDId53iTjYAcROwyhmIaW44ZpbeyM5OpwVSveQXowMlnFDcGcyBBLsZHti7frooZKpXJ6RNQaRLiRKgSKXt3AHiK7EnEzz4QuQm4FcVGLS7I3T-rG7JmBYRc_0OeAZfwEVv7_9EqelO98IeUgucsoIgqaFwMvLrUwR5guFfXMfkLSZjbOAvTS8hjUHK_ckO0h0SNpBo7OmJ-YfjIBolgbUJaRB_tP5Ha_ywIU29awi3Sjq9n5jN1LEm-MTeXighFes7Nfa5HuKOSNDWZ_LLBedtvSEJ4aY-uhKdxG4Rrj4fPKal1Fv_GP7wowrAtIp2i4k4UZ1jnNsh96B7LDhw8eNNkPBwcM0ysXLd3QFwzrS18AjGhXHFAploxCxI9xDlKW5yl4wtR2j1ydZOQAjSclQgLlxEihF89kTDpc95uKYQHLitxmduefU2UWbFbnMxPMXj47LDHLgT4IAbkb-KCUf2aV8d04Oz_KGzebK_EpWx4eQ9JAZKYcl17IRNkZijClDZb8d2jo1533BEYoH6Z5XIuT3QnRnekla9ULweRd9ztvffD_8NRKS8DX8C9j4blYW01LTNWz4zSwbIQFt_zN8Cze_WxR2fHPrxJBN7RqPuta9P0Om-EOI4Na_SlWw_oHI9Q3g6FC638BN1NLDPurBjk-t5r3qPIDval3IyxHPCssWInsbAKnQH0eoH-ylwmB-eMjtqU4T5Lx0QamSkaSX7758-Un1gbFhf3PJ81CIE0BuvPvO1ReOLSSrWcR1kIsKqJo3OdV6V03jMcT_PjceB38QyoFxwoUpQz45XjHAV-DammUqJIOS4Za5Hh9OJNxFVPImR3k93Cfq_6K9deDixBAC6rUXd0QdA1mxbC40QyahxwrOWUiH-Nvlb6IRDron7nLVZaG1R0qul9h_QGI-zI8dpzW6jyN_0q8-OD1MZpo9DBR9FLSKbU4SYH-Wbe1WoAEHGl35WHSkA-9_nQHBUZIqF96PbMMPsQAYFkdjd3G_xskVPN_RVh3W9Hnhx7vXWxe1flbAI7sbhS-zqGVpsuVtXc_jLYhzOZodn_u8q357Z4CPlNbStlbJgLPjFXXSeYuWHYRRrXGB1A8s21NjtZZYNalAjTXy1vO3P_hhC4rDTAlskYVooNesWXKfSd2nCeNbMoEekogckiFPHoJ42gmDx6DI5NuakZzi4FSL-UKPwYdIufsyshqmG5kf6S8mST2hrytYb-s_UiJKHbV0-Rq7NYUAgxxQlWilIcnUth56wqh6q92sC3EsWjGc6Gy889oHBU11WVaHxIMPPsYWxejUQrhEDCBMa6rdlSy3WgwVD80EarZWpTYJAAyRFdV04feNotncnNsc2WALAbH4vez0-Rgb8WLGnkvhvwjKMSgKYIsxLRTUrAFn6VvKSRnsINeeM80M4orHPqprwF4VdVRLIUXbraEWV_z66EeV4n5ex7BPhaZHVSHmaYGGo5nOjunozd1Ygtkvne4rQBADgcZ0zKyTm8ouusziMjZ2oF2Q7kgmupghd9kwgaY-k_9W46W6tSZ5lk0cto6eeaNhuV6eYF20J0AGKuvzTg4gghVAUCbdlwwhK0QhlHABUWWh3F8hq-UwsEvz_srzw3OfNaO051vuaWLYIOu3ZlOl869lkYN1MZR00ouZGtgFCFRvEtPosX4LZSskgrm1CTnOY_hwPQQb9vj72roGEOe71vz1Ukz4thD7WFgV3CAL3pumyTDP9hRS7Hen59yH53OCJX1Jninl4ybO4kSmrdnSkT4ClvlBc6lZQnWTRsHSumUIyed5BGyHCL-J9zgL61UihnCcC40-vNHjdVTirZ0x2E1rSg2LXktJr7sfWZC9AXDDsw0OUjN61fyxFXBEst19PfBcT8hDivZad1xuR19RqnuhQgivoBwgOVG6L2GUAvta-AoKUCXvFFNR61-fv4aTG4er83iWXAnXzm9PsyxS2JXRWY0javPTiBPG42G-2554a2gGgxZm3weL4WTc1YAGqvx8kfn_XbiHbl1qGKgDgvMIypQtj6Fc3IXmaBdIRheLa3yrd33iloKjklo8e-ZU2-A7KGxd16Ev0yU_aJDaWxKVjeSHEW7jE7zu78GfF72mIxf_4BvkCQbEzrmHmxW3mxuQWuBX_tg7z7IV7mrMMjvdHbKNLC8gBr-t7gg7Og4eJIhrTNeyiCfmogpkiYcL6povumvEwJqgtq4I2ATPLutrNpo0qp2_gi0H2x5glRUE4oTjMxbk1p7Qcr_dKbDFKx4EbJHSPQOAGiAWpPNywq3AatJ0xPmKTjdxeOLdp9PkLqqkLCD0DCTLweM2ASj0SANxIUZYddG_2R5-ZJF7Nw5eQUTfNugHW5kG0PINl3KhEGxKdeVCql0YnbFbC-ISE0FSY4D5c8FW7vUYCEc2wwiD_WeHhKpfLprVKmh1HlN04Z2VZDsoQjE3SX0CbjP3wqJ33ckZPhVzs079u3ovjC-YUCYdQ5ZZOpE4kAYIldWgvlpPtVFgThpRCAQSSwDICaaNG1TQjeNWV1PVuai-kmwAx5dI5x_nSsf3fqzeV-N0ASzysDfziv9LbHaot2GmBX3V2v6BB3ZSrfywiVVaAc-Euv5gLJCkzBgBYAE&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-6113467694901384&ias_chanId=1&ias_placementId=20171342326&bidurl=https://alkoora.livehd72.live/m/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jEBIfMSLRRy848YrCB3DSM&adsafe_url=https%3A%2F%2Falkoora.livehd72.live&adsafe_type=y&adsafe_url=https%3A%2F%2Falkoora.livehd72.live%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6113467694901384%26output%3Dhtml%26h%3D250%26slotname%3D9272047299%26adk%3D2789970875%26adf%3D1157907922%26pi%3Dt.ma~as.9272047299%26w%3D300%26lmt%3D1696568712%26format%3D300x250%26url%3Dhttps%253A%252F%252Falkoora.livehd72.live%252Fm%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696575912495%26bpp%3D1%26bdt%3D685%26idt%3D452%26shv%3Dr20231004%26mjsv%3Dm202309291101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1200x280%26nras%3D1%26correlator%3D335913105674%26frm%3D20%26pv%3D1%26ga_vid%3D31718114.1696575912%26ga_sid%3D1696575913%26ga_hid%3D640100102%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1300%26ady%3D943%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31076838%252C31078631%252C44804180%26oid%3D2%26pvsid%3D3374131933877549%26tmod%3D621009470%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DFEuHKy795c%26p%3Dhttps%253A%2F%2Falkoora.livehd72.live%26dtd%3D457&adsafe_type=d&adsafe_jsinfo=,id:627b650f-c059-5cf9-c2a6-5b1b1d908ec7,c:qfuheM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-qbs2b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tRT5DHl+11%7C12%7C131%7C141%7C15*.1135760-69474498%7C151%7C1611%7C1711%7C17121%7C1811%7C18121%7C1911%7C1912%7C19131,idMap:15*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:b2a21a89-6416-11ee-a43b-8673cc910387,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_300x250.js

312 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
alkoora.livehd72.live/m/
Redirect Chain

http://livehd7.cc/
https://w.livehd7.cc/
https://kora.livehd72.live/
https://star.livehd72.live/
https://alkora.livehd72.live/
https://alkoora.livehd72.live/
https://alkoora.livehd72.live/m/

104 KB
17 KB

87ms
86ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a83da938b5d2f5fde7eec2b492f2c21ab5f689e41485cd8b42251fd8c8c9a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 811c0df848002bb0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 07:05:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAT4j634Sw2kham21xNBMhahX%2BZ0jl47fn7Vy4YwPYLjE2Ns6WXzdLt5jdzxLMc4nsreKOvfoM1%2Fsn72ZPUgv6aikyhqewNTGAj%2BqA7owyN3Okxjqz03mRSlBPfEtLiiXocNSsiIt0haqUB0HqOH15cLa%2B4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 811c0df74e872bb0-FRA
date: Fri, 06 Oct 2023 07:05:11 GMT
expires: Fri, 06 Oct 2023 08:05:11 GMT
location: https://alkoora.livehd72.live/m/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flCmDbGVlF2HlqzUNLwTLLwuDj0EpxkqeAAbeehX2NpS70v1I5%2BSRzoKXDtR8fo3ib4zvRKvz9U6boh%2FLvW3%2Fq5g7EOHn%2FHkW0twJGo52j%2FbOJUwyH5svoudJfrc%2FSKTkXUc3XWO9j8AwojQ1Uki7%2FrTrrg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 style-rtl.min.css
alkoora.livehd72.live/wp-includes/css/dist/block-library/ 102 KB
14 KB 52ms
51ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.3.1

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 08 Aug 2023 21:32:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMi%2FbpOjNyjBh33Kp0W3Qa4rU%2FPKCWXZgebGLZg2lLAuF7v%2BlvoL6HIzDHHto9XUZiTtEuy5Zh9z9dxKLq3blDlFrAInmj0QQFiPP%2FTwQeEVD7q2IT0WizuGtRyRCsrolt62xiSECzgLtsL6DfFtcdYYdbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 811c0df8fcba1e5c-FRA
expires: Sun, 22 Oct 2023 11:30:24 GMT

GET
H3 200 AlbaSport.css
alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/ 18 KB
5 KB 50ms
49ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a47fa8d5712208e2ab439d0fe8e1145ce71571ca702499ab1c7c7b5fa6eb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
cf-polished: origSize=22403
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
cf-bgj: minify
last-modified: Tue, 23 May 2023 15:12:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPRHPSeODRXbX2SB4uy80V37BZKBe8LJCqFmJzzK%2B5LkE6dJXMKvsUytGEfKHWsHwv%2FsAtMPFAoRi1G1xSDM9%2FRKiddI1yHoU0j1BeAGajMPGIOJInysQfFhXMpchZt3agpD%2FRzLsMOwZi0oKvXdzWUQsuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 811c0df8fcbe1e5c-FRA
expires: Sun, 22 Oct 2023 11:30:24 GMT

GET
H3 200 js_composer.min.css
alkoora.livehd72.live/wp-content/plugins/js_composer/assets/css/ 474 KB
47 KB 92ms
90ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308863
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 17 Jul 2022 00:39:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuainNx0cvAVd5h34ZDlNGTITOfeE3mlCvV8G%2BWQF8A3SuYFL0GVfiazw%2FwNOfEp5hXxSu9ZDdXkXca7M%2F2Wi5I8wOtcUxcw%2BD0E50QSAq9EnQibwsy5MAljy0tnTHZZBYTNWKswbR4HWVZprgtjf1t2hP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 811c0df8fcc11e5c-FRA
expires: Wed, 01 Nov 2023 17:17:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 141ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic&display=swap

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ddcb6c884fa07f3c6e8eb476a17a3c8afea2f000765b31b1a569b85db8e77c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 07:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 07:05:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 07:05:11 GMT

GET
H3 200 jquery.min.js Show response
alkoora.livehd72.live/wp-includes/js/jquery/ 85 KB
31 KB 172ms
171ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 08 Aug 2023 21:32:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heP7UkdouNY2K6ImZZnUZiWCAqKH78hD%2F7%2B%2BnmYDL73ZSm7vjWyLsnAPaB8KR20kCKA%2FRrlcWqqiG4uC2tS3JHc1KL0P%2BePugZI2AclaEAHnSzSn435rl%2BQn90F1XgndHLoBC%2BV0TSbfOjHVPPoyMqsU51k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0df8fcc21e5c-FRA
expires: Sun, 22 Oct 2023 11:30:24 GMT

GET
H3 200 jquery-migrate.min.js Show response
alkoora.livehd72.live/wp-includes/js/jquery/ 13 KB
5 KB 50ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 08 Aug 2023 21:32:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWjrf2awwDGWBufAH8lmdOyitqecNpjME2BIZPESPwZFQ7xa82sBwHAKmNgkd9eWnA%2BLhftl5lWavkAbSlW6fSBGapqyhMfB4kUKKZfi64umJe6MY7Pv2mD3Itf7a3ekpmVLv8dalzfyQiJYInvm2XBIs5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0df8fcc31e5c-FRA
expires: Sun, 22 Oct 2023 11:30:24 GMT

GET
H3 200 advanced.min.js Show response
alkoora.livehd72.live/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 212ms
211ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.46.0

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193224
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 17 Aug 2023 23:29:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoyseQFbU8HTer1BtX9ICGzpj69Tnp2Vjk6yVTkcSRn1TJ6xponWMhFyuuvMY27%2BOjoucB7sEsV%2BcP3b8f9jZEnDYUZDTpQxX0ubDDa1TGtJuSQrHRtegt2yR2Lvbve0JnAMOAoj48cTRg5M6iWOfaq7sKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0df8fcc41e5c-FRA
expires: Sun, 22 Oct 2023 11:38:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
87 KB 169ms
57ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JSE7HX578Y

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79c08415efc9f89939d231ac1188331265f8e6609c395500f38d286efbc06e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H3 200 8c54031241073ed868cf80c3836b3fc5.css
alkoora.livehd72.live/wp-content/bs-booster-cache/ 826 KB
116 KB 212ms
212ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/bs-booster-cache/8c54031241073ed868cf80c3836b3fc5.css

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

573946063a72b37c017ea096a691816605f9f6c9aa7cd38fc31f9c4b5e777bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
cf-polished: origSize=846366
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
cf-bgj: minify
last-modified: Fri, 22 Sep 2023 11:15:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVZxP7u%2FfGSGWfWkBXtiLf6jHxTiU2e%2F%2Fewsvf7f%2F2rAW%2BD40yhZbxXD945gxaJT5rSupdD5AVNkGswKMLIaEYl%2FyzijVKX%2FIXVmsaVgNxkQ4UeVrwBqWGk2idLw2F8o%2BVxzxswIaFYy9y5f4j417cOwXjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 811c0df8fcc61e5c-FRA
expires: Sun, 22 Oct 2023 11:30:24 GMT

GET
H3 200 0402fa41db04ccba968aef7b3159a926.css
alkoora.livehd72.live/wp-content/bs-booster-cache/ 44 KB
7 KB 272ms
271ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/bs-booster-cache/0402fa41db04ccba968aef7b3159a926.css

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a55cf1b58dba49abbedef8a36b5d911f890391e10328cd4e0f8e9c2c024fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:11 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125383
cf-polished: origSize=44816
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 04 Oct 2023 20:15:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfvOuv4sQlA%2FargluZZSBECabmG%2Fhs2GcuTZ6gAhuV2TSiSqejkDT2qYnVWgY5iVpwTOev30gjSs%2FYlGt2SQEfvyFlHIaoTgmXH3KENK3P1EhbuK7DD3YK8ZCKyZVjeLe0O4PAtv8Wz4B6O5ruatoaQNtxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 811c0df8fcc71e5c-FRA
expires: Fri, 03 Nov 2023 20:15:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 255ms
143ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6113467694901384

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ad2a0944965e2cc0979d5fab177f9d157a4d111221aa7e02376d135aa557783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50691
x-xss-protection: 0
server: cafe
etag: 7971036911835035393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 277ms
164ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5001888643809920

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12343eba76cae886e2a62c650c22c22204a0b768426331253e6a5cd81d748a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50684
x-xss-protection: 0
server: cafe
etag: 461440886701594664
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 291ms
179ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2193958248700102

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db71b25aca02b56a09fa6d4d64844ce86693757227739aa518dac34b5eb95684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50686
x-xss-protection: 0
server: cafe
etag: 2333990214872744610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 209ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3102132378105411

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43b4e82e981b137b4638ceb39afe7a92ca874163110d829cf8d07d0fc81100d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50685
x-xss-protection: 0
server: cafe
etag: 6086074959311359726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 197ms
85ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7253644072714154

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

858d2b89ad7f7c840ccc565cbcfb6af1afad41cbe28c76b96c53b774e5b44593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50685
x-xss-protection: 0
server: cafe
etag: 10806223628865315784
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 238ms
127ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6961313951651180

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f84f4f8c0c4080b3dd0e1d4c498dfe4a6af20cde44ae4c462f997727f5b73ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50684
x-xss-protection: 0
server: cafe
etag: 8648703215963551186
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 logo2.png
play.livehd72.live/wp-content/uploads/2021/04/ 3 KB
4 KB 192ms
55ms Image
image/png 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play.livehd72.live/wp-content/uploads/2021/04/logo2.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03222c25f7d8457bea5f3310a6e3e7f8c23bcb07bf11d0f291acfde290e249d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380716
alt-svc: h3=":443"; ma=86400
content-length: 3106
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJPeAVE3gloaTBIdTxPh0f1a17F9lSCQJHT9QvR4lr0nsOi88thpDHweZ0Vece2rU7LsjSvMpwV92rI%2BmFDFPZOaWfa0pgL0YRqQT9HDWwRUfyDIvCEbfUFGRP18eWTOrOex%2Fmymv4RTVRkkmjD54T0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfb3f4218f9-FRA
expires: Thu, 30 Nov 2023 21:19:56 GMT

GET
H3 200 1617.png
alkoora.livehd72.live/wp-content/uploads/2023/10/ 8 KB
9 KB 64ms
58ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2023/10/1617.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a6221c49a2071980f51c3fb467a1f0f62372f09ebfff3cd0be58de9280e640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140628
alt-svc: h3=":443"; ma=86400
content-length: 8521
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 04 Oct 2023 15:58:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aDVd868kn38tzPP%2FDMhWaWG7Iammkz6m6ZSTtSdllxe5U%2BgfWnq8A84nPVUDJKqtq4f15hQsAhyMr5ERdKXRvCZQoX%2BgwMpULeV4jtQrTr%2FMudsh1DGx0Tx8mbfB5IBwitjO6y0C7Zw62xlGczgQObUbgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eb11e5c-FRA
expires: Sun, 03 Dec 2023 16:01:24 GMT

GET
H3

200

12790.png
alkora.livehd72.live/wp-content/uploads/2023/06/
Redirect Chain

https://m.livehd72.live/wp-content/uploads/2023/06/12790.png
https://kora.livehd72.live/wp-content/uploads/2023/06/12790.png
https://star.livehd72.live/wp-content/uploads/2023/06/12790.png
https://alkora.livehd72.live/wp-content/uploads/2023/06/12790.png

8 KB
9 KB

52ms
52ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkora.livehd72.live/wp-content/uploads/2023/06/12790.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d71d89e118a62f2622e316948c886b823c66ed5d51cf21a6ce5bed13bc9d335f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762229
alt-svc: h3=":443"; ma=86400
content-length: 8275
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 24 Jun 2023 21:17:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXkfrjOL5EXxmS4yIAnGj7t9h%2BSPQ3U%2BVPYG2yof3H02skIg1MzTzSZaHs%2BNx12l%2BgBzVNb5Gr7X95l82VjwIn6ddryGggxVDp2sW6bA%2BnrGhs48W5E7UMrEBQvrbzMtGYx85khE2D1VufbSYRpqapuzzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfddb881e5c-FRA
expires: Tue, 14 Nov 2023 21:34:43 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140648
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfNXVFxmfgUSQtdrXpp60GzQom5WTPXlx91m1YxOGOIJ6qEvICrHTLPv%2B5Z%2BFoyDrIe4jrbMSJpX%2FMEukNb4vvI97ymGIwWLKA41rmSAPtgwvN5RVREK49g1HMLW%2FAVdZCoBHXa%2BnjhmPwUNNUzfmfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkora.livehd72.live/wp-content/uploads/2023/06/12790.png
cache-control: max-age=5184000
cf-ray: 811c0dfcaa1d1e5c-FRA
expires: Sun, 03 Dec 2023 16:01:04 GMT

GET
H3

200

1683.png
alkoora.livehd72.live/wp-content/uploads/2023/09/
Redirect Chain

https://alkora.livehd72.live/wp-content/uploads/2023/09/1683.png
https://alkoora.livehd72.live/wp-content/uploads/2023/09/1683.png

4 KB
5 KB

60ms
54ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2023/09/1683.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff965117345941d5e43920e9f0a2e1629afb818fb2dcfe574e072b1d50352d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140901
alt-svc: h3=":443"; ma=86400
content-length: 4339
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 17 Sep 2023 21:28:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSwdgKvKfv%2FDjpDBaYqHI%2FjBp0VbqCJoW4yBc%2FGlf69pnEKJbQyO%2FeIiHdenNMhHyptAg4JfOIunFsIfPoQth1I0wnh%2BIoaBN15u4dNqU4u8CG8krrcKqYO%2BWBIQuGWlb6lGpfIMa6FgW4pBBMJ2VlFtUyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfb0fa01e5c-FRA
expires: Sun, 03 Dec 2023 15:56:51 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140920
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE7zA5AtjvYSyogDSf2GPHF1%2BK8xIQrN15QIy%2FGbrMR7IclQb1%2FbCnu6mc%2BZdXiAkzP%2FpaA%2BxsgKPC8wSaXbJcpXL9QBAXbOvfxVwa4vAxZ0DJj%2F7utXr6fKFk%2FveAvWung363VepgduHHdh0wt8QyNThw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkoora.livehd72.live/wp-content/uploads/2023/09/1683.png
cache-control: max-age=5184000
cf-ray: 811c0dfa6eb41e5c-FRA
expires: Sun, 03 Dec 2023 15:56:32 GMT

GET
H3

200

10.png
alkoora.livehd72.live/wp-content/uploads/2023/09/
Redirect Chain

https://alkora.livehd72.live/wp-content/uploads/2023/09/10.png
https://alkoora.livehd72.live/wp-content/uploads/2023/09/10.png

7 KB
8 KB

52ms
47ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2023/09/10.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6133522c02619bdbd511938bc4c9f30212d3ed13be722f94f8fc51563e4380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140901
alt-svc: h3=":443"; ma=86400
content-length: 7272
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Mon, 18 Sep 2023 21:00:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMP5TQVYBD4FSETicuAB8QcP0uxj%2BcEQOwbiqIrOb0GxVZDU%2B4K3YXKoH75o1abCyLAnBeDnsIuTAG8klo2onuzj1Osl1tgwUbB5eDAeAK%2Ft%2BOQQI7nZa2Ak%2F6%2BZ9b2RB7b4%2BUDVuwXSVeALFhfWdBD19Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfb0fa21e5c-FRA
expires: Sun, 03 Dec 2023 15:56:51 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140902
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBPp91AX%2B1VvsfBxp%2BKffyVqM1axidB%2FOcb0BrzXMbz6hvk5SpM5ymdRF9FKHH7QG4VRX%2FtTlrc29UCuELlCrS5qByjGmFKYmEbCmATX5XXL2aCDTwZOwuSodJlwdmvVEwBPhco3VsPZVKETcLsJ5eCLAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkoora.livehd72.live/wp-content/uploads/2023/09/10.png
cache-control: max-age=5184000
cf-ray: 811c0dfa6eb71e5c-FRA
expires: Sun, 03 Dec 2023 15:56:50 GMT

GET
H3 200 %D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6.png
alkoora.livehd72.live/wp-content/uploads/2022/10/ 4 KB
5 KB 90ms
85ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abbb00f7215c521373302000f35093a59ed322598b7a7e8658f203ffd1ab6af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140902
alt-svc: h3=":443"; ma=86400
content-length: 4259
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 16 Oct 2022 17:50:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGKj1qM%2BaZAC0UQl585HV%2FeBryNLnyUbCuYwmbeSsthBvH7lE4ojnf0J%2FyN4mUFhmkNrIXUWaMh7yMnBZr%2FFy7RmzKgCA67REMUPrrFmeIyKQXjlusLWhvgA%2BMoyWzNMWNcSkLCeNuvUK1EAyUuzvbMlB2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eb81e5c-FRA
expires: Sun, 03 Dec 2023 15:56:50 GMT

GET
H3 200 %D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8.png
alkoora.livehd72.live/wp-content/uploads/2021/05/ 4 KB
5 KB 74ms
69ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/05/%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0008ec363714aa285af5081471504f1d1781bcf042af6593301150cc319cbbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214035
alt-svc: h3=":443"; ma=86400
content-length: 4114
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 06 May 2021 23:46:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrbTCFDne%2FbKjWDsbeyXSf7%2FD2%2FrNIYD9v2kqltn5LrRgJSInjBY5bcVXKou39SGUdCedAQfLBnC0HxDIXOvje0hRlSufFSTdiGvA3ctiwqJmHv42kTpGBbPqBn0Gvgul6WmPys3SKDabKHE6amJGss6zLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eb91e5c-FRA
expires: Sat, 02 Dec 2023 19:37:57 GMT

GET
H3 200 %D8%B3%D9%85%D9%88%D8%AD%D8%A9.png
alkoora.livehd72.live/wp-content/uploads/2021/05/ 6 KB
6 KB 76ms
70ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/05/%D8%B3%D9%85%D9%88%D8%AD%D8%A9.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc1abd90f8157ac4f56124a0451b6c5efc460a8cb974935023f054bb9aa166a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140918
alt-svc: h3=":443"; ma=86400
content-length: 5884
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 05 May 2021 23:23:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0S7NnHN%2BfvmYt%2FQONIiqFK9Fb%2BAxQY5Tt0Xd54pvHUcSSlOVPgwUrUX%2F3MxlRaXFMbkJ7RYgmxukmeHcgsKtot%2BkXALIIcXfOzyLLPIERpuSJlCg3kDZySeMKPiV5%2BhvWRENY%2Blhqi35n8rWQBJ42KUbOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eba1e5c-FRA
expires: Sun, 03 Dec 2023 15:56:34 GMT

GET
H3 200 %D8%A7%D9%84%D9%85%D9%82%D8%A7%D9%88%D9%84%D9%88%D9%86-%D8%A7%D9%84%D8%B9%D8%B1%D8%A8.png
alkoora.livehd72.live/wp-content/uploads/2021/04/ 6 KB
6 KB 76ms
71ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/04/%D8%A7%D9%84%D9%85%D9%82%D8%A7%D9%88%D9%84%D9%88%D9%86-%D8%A7%D9%84%D8%B9%D8%B1%D8%A8.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e76b6bbe3a0a21a9cf3ea057fdbbeeeb9b682427a60c65ceb6ae75c91989e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551635
alt-svc: h3=":443"; ma=86400
content-length: 5837
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 29 Apr 2021 20:43:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyB6b%2F1IE0vqpxmBWHt2xLpuYKTccjZGSsneCp0PKF2NTq4SVZifR%2FYAXdG%2BYyPIaFgNnJgx%2By%2F0uBaF5LeCB8lOPnMxu59mw%2BsKXdeK6XFzrX1USwa21zCd10GGJgsrIjAw%2FgfqBxlMZfCTmHdg%2BVs%2BxCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ebd1e5c-FRA
expires: Tue, 28 Nov 2023 21:51:17 GMT

GET
H3 200 %D9%81%D8%B1%D8%A7%D9%8A%D8%A8%D9%88%D8%B1%D8%BA.png
alkoora.livehd72.live/wp-content/uploads/2021/05/ 4 KB
5 KB 79ms
74ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/05/%D9%81%D8%B1%D8%A7%D9%8A%D8%A8%D9%88%D8%B1%D8%BA.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86b47584b4bec77d09cccb9299b6416159f386f10b805eb4ff377077dd97c574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487520
alt-svc: h3=":443"; ma=86400
content-length: 4279
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 14 May 2021 22:14:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reAKtsXW%2B8R%2FI4wwD7P905RjDUxC%2FHSQjGj0Rs0cNAcxTfdW6PcsNDYqRLEs7Vu1GslOLItz12XZV2CogThAdclJt5oDDR9MrSd2lY9D1lDyH9VLfDKrDR0ctufg24RGMIgWib%2FbsFtv8fnHH47G1mgAqP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ebe1e5c-FRA
expires: Wed, 29 Nov 2023 15:39:52 GMT

GET
H3 200 103.png
alkoora.livehd72.live/wp-content/uploads/2022/10/ 1 KB
2 KB 81ms
76ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/103.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c70c1d037a9253c679129be440bbb47724d615716c80cac4d070963218800cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 542961
alt-svc: h3=":443"; ma=86400
content-length: 1500
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 08 Oct 2022 00:25:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scM0Owxr3pQ8YojcNrpNW1HY4K24tuPqbQC9B7zAeGSDwU7ETci0x7PKSfuh3JXtZL4e64GFLA1bOsynZWbVGa6an0xPVQGJoJGD6kB7v6MiNqfo8pjvYssuKsHEOPlb1BR5pap8IHtCFXZaTjbfpDC%2FIoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ebf1e5c-FRA
expires: Wed, 29 Nov 2023 00:15:51 GMT

GET
H3 200 222.png
alkoora.livehd72.live/wp-content/uploads/2022/10/ 1 KB
2 KB 82ms
77ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/222.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1650825e6c38ca16c41288baebb0888dea037490617c85108071796ac9b13acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 542960
alt-svc: h3=":443"; ma=86400
content-length: 1437
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 08 Oct 2022 11:02:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cgbqfgtZcjc1gXnmXWcE%2FsZWAjxWbeRUH5bxblJH%2BpTGzhJO12%2FTzL0l2tyKk%2FmCeoYi1TG91sg2H%2Fvjd8VkYiq0%2B20ltA40frJj7GLGCPgAwK%2BeL3muJSThuxcE0YyJsoixn9oFXtcTjRYbXkZ6%2F7keGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ec01e5c-FRA
expires: Wed, 29 Nov 2023 00:15:52 GMT

GET
H3 200 %D8%A8%D8%B1%D8%A7%D9%8A%D8%AA%D9%88%D9%86.png
alkoora.livehd72.live/wp-content/uploads/2021/01/ 5 KB
5 KB 84ms
79ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/01/%D8%A8%D8%B1%D8%A7%D9%8A%D8%AA%D9%88%D9%86.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6adc68872560dbf2284e55cbc8782c6c82791abbab52b884e37576b2d8b887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140902
alt-svc: h3=":443"; ma=86400
content-length: 4816
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2FBeEAWxxt3T1CGzXLXON4QlfzijKa6BMATqhpdWw40hFDDehVZuUuiKN6jpBD9bTNaCC4ofRfFmClmih8oBxr8dEiZOeWLT%2BvQEesmB40Jo6fmzNqVFJ9Gkun8vw4nUQuFM2yqSvtM2gWxUVREiRcUO%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ec21e5c-FRA
expires: Sun, 03 Dec 2023 15:56:50 GMT

GET
H3 200 13370.png
alkoora.livehd72.live/wp-content/uploads/2023/10/ 5 KB
6 KB 84ms
80ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2023/10/13370.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7716b8d734dc6a595d6dc61f535dd2b18a9a671a824488d1d73c804b8e470b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140628
alt-svc: h3=":443"; ma=86400
content-length: 5210
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 04 Oct 2023 15:58:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=totcctfiH6qYSB8gw5jNwF3%2B%2FC2MisD6pBeT8cEMawLPj%2BUtpjs5XRa9DLCDvd8f78jEN2WOakfAwgse1EC5EiU0NwMnH5qAZfKSyAQuIICa6XNbKIoyaSq2JGVmXCfwdqMD71y1D8rK3CMctjDhIVGSK8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ec31e5c-FRA
expires: Sun, 03 Dec 2023 16:01:24 GMT

GET
H3 200 %D9%84%D9%8A%D9%84.png
alkoora.livehd72.live/wp-content/uploads/2021/03/ 16 KB
17 KB 90ms
85ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/03/%D9%84%D9%8A%D9%84.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66fb2349895f5e02f3be4c30100206f7dcbe6f384c2287045e7b7fe50cb073b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 982488
alt-svc: h3=":443"; ma=86400
content-length: 16463
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agdn7PE8%2FjlALFWEW5%2FvpNKKQK2I10HlD5jqNSs6DADcQ9G%2BALNGRIkUGaY%2FiMWeGvNWItBb%2BzwDsbxNFb9F6YSERHyCuHyEYMNLvT1Yb1YqwiKVYkLAFAoZemoHIhPHE8PHIMD2OxYSWugSjq%2BbCVSXSVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ec51e5c-FRA
expires: Thu, 23 Nov 2023 22:10:24 GMT

GET
H3

200

535.png
alkoora.livehd72.live/wp-content/uploads/2022/10/
Redirect Chain

https://live.livehd7.cc/wp-content/uploads/2022/10/535.png
https://alkora.livehd72.live/wp-content/uploads/2022/10/535.png
https://alkoora.livehd72.live/wp-content/uploads/2022/10/535.png

2 KB
2 KB

50ms
49ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/535.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d3b06f1d09138054ee8a96f8b085b13f68d88beac0fef2f46b90016fcac9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52746
alt-svc: h3=":443"; ma=86400
content-length: 1757
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Mon, 10 Oct 2022 22:10:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEuW4NAJSe8PNCamVy%2BzJnfVQ2GGNh6MXXdQ3NnlyOQ6mEhqdcvlq8WRfhB%2B%2FBVebOlDnPmh2was1ZGW%2FAE994G7C3ig%2F6VnsyVJXbTaNKC1al7AjLfJvdPKulavSuC2dvIxK94hoHmUBmTXTFbRLRctphg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfcaa1b1e5c-FRA
expires: Mon, 04 Dec 2023 16:26:06 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52746
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw3FWmu7DjSc7QzSm%2BTS%2F9Xg1M%2B8KyKrD%2FECTHULWUHj1vqEwoWn%2FJkLtprlrFid3BviL2os2Q8oGGz7ow8VQhg4rd7d%2BVJOF%2FzuD8gSnw4yV9CG7V4DFh2cZeQjGNmDUd4tOQhk%2BsmlAeaQPuVlmDEKNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkoora.livehd72.live/wp-content/uploads/2022/10/535.png
cache-control: max-age=5184000
cf-ray: 811c0dfbd93c1e5c-FRA
expires: Mon, 04 Dec 2023 16:26:06 GMT

GET
H3 200 128.png
alkoora.livehd72.live/wp-content/uploads/2022/10/ 2 KB
2 KB 85ms
80ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/128.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21a2e43f8b361a30e49c85f73588446d42fc845bdbd990da17648ab1917063d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 562019
alt-svc: h3=":443"; ma=86400
content-length: 1729
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 08 Oct 2022 00:25:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z%2BDhrBBE0rECjsEDcCmG%2FKB2nu6eC9F%2FhPXe6G8TL0vEO6wYJwTN3JrNwTa%2FlSaWSfu3BUJIyf0s4QhfECMlNcHc2IIMg6FUHiygEdpN6NnRima7i1wzspdzHvHWl0D%2FYki%2F9D7h8s4qkBH3nSMrPXeVVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ec61e5c-FRA
expires: Tue, 28 Nov 2023 18:58:13 GMT

GET
H3 200 %D9%84%D9%8A%D9%81%D8%B1%D8%A8%D9%88%D9%84.gif
alkoora.livehd72.live/wp-content/uploads/2020/11/ 7 KB
7 KB 85ms
80ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2020/11/%D9%84%D9%8A%D9%81%D8%B1%D8%A8%D9%88%D9%84.gif

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcc293e9a2b96c8c746e6994044ffebc2c87df86803b9c95db7be1530430dfef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
alt-svc: h3=":443"; ma=86400
content-length: 7067
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRREisM3n90XaEtz4OPn%2B5xe2mlG8LkaONXUcGJ%2BVWfvd6%2BZKIG8Vna7PrFG%2BX0dQaxcczVTzMGsHkz6HXXZAF62SvFoA%2FqRHaf6rNeAFxDgn1y5BRVYXerJXlXVt568QxIzQyT2GB2J5dyS%2FNtrEAWctTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ec91e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H3

200

12630.png
alkoora.livehd72.live/wp-content/uploads/2023/04/
Redirect Chain

https://m.livehd77.cc/wp-content/uploads/2023/04/12630.png
https://kora.livehd72.live/wp-content/uploads/2023/04/12630.png
https://star.livehd72.live/wp-content/uploads/2023/04/12630.png
https://alkora.livehd72.live/wp-content/uploads/2023/04/12630.png
https://alkoora.livehd72.live/wp-content/uploads/2023/04/12630.png

9 KB
10 KB

52ms
52ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2023/04/12630.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a96128f7b3077550ab2a0571d771dc939239f8973bd34c289c7573b1e59b47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140647
alt-svc: h3=":443"; ma=86400
content-length: 9269
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 11 Apr 2023 22:06:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHcIZ96ZX%2FN7LuFaVyqYPcsuRgCdaLP0v%2B4rGY00SrLQQwvCx00dEr%2FWSLHhUoNq0%2FXstp5MI81iMM%2FjZwW3FtZ2xoVVo2bfvsrB7dHbYFyu4w%2FX%2FZpSAfpCV8oRwGMhi5%2FhFAnfAMEGUnoFj5ZhhU1n2rw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfe8c5d1e5c-FRA
expires: Sun, 03 Dec 2023 16:01:05 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140848
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p83UeMHf6cowEIBR41DxF%2Fb9dpVQZo5PPQVIXIYwdFKPCllTcsEpPzhVD59A%2BmEECl66tKQKtRAyg%2FR2FrCWdFU1CJqKvGB0ZJdEgv95dhqrEkunVNoM9l8MEAxqQ1lNRikZJtv6SUGTDy%2BKZIF72JHJhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkoora.livehd72.live/wp-content/uploads/2023/04/12630.png
cache-control: max-age=5184000
cf-ray: 811c0dfe4bf01e5c-FRA
expires: Sun, 03 Dec 2023 15:57:44 GMT

GET
H3 200 %D8%B1%D9%88%D9%85%D8%A7.jpg
alkoora.livehd72.live/wp-content/uploads/2021/02/ 5 KB
5 KB 86ms
81ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/02/%D8%B1%D9%88%D9%85%D8%A7.jpg

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

797b90342d8b11e76549f01295bd22ed1cc2e36f40472399bb42bce6a50c320b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
alt-svc: h3=":443"; ma=86400
content-length: 4720
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYt3bM3JmzFh4DySLIOrc4qxLtMMSvr5tJnpdgEyx7JEjep6hfuSySsc4JpfzZ1o6g9mC57l2EzfV0qwh3%2F04fq3XJSZ%2BIK91ydZlQfaQzMwiL3jtx9BxXhmL39EEvEI3GN%2FVT8tnhhZ7OeVaEcRQHaOqtk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eca1e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H3 200 1358.png
alkoora.livehd72.live/wp-content/uploads/2023/10/ 9 KB
9 KB 90ms
86ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2023/10/1358.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f11f1889264419cd5533c2c38f79984d7237fc4bb1917a845ad0beda86c95b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140628
alt-svc: h3=":443"; ma=86400
content-length: 9175
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 04 Oct 2023 15:57:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoSZEC2cZ9nsqJjN%2FVTVpry1f9BJfJ9p0iAwGxVGv7QQarYcAmNMknV%2FoOR26k2fHvxRxaIQ1ZUxTrecyIOmxGd91YC7HGsVel4JgNOdN%2BeMKijdQU8HQR4%2FgSYYezhZMARzGdLq1salH5%2F8LIW7fI%2Blx0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ecb1e5c-FRA
expires: Sun, 03 Dec 2023 16:01:24 GMT

GET
H3 200 %D9%81%D9%8A%D9%88%D8%B1%D9%86%D8%AA%D9%8A%D9%86%D8%A7.png
alkoora.livehd72.live/wp-content/uploads/2021/02/ 12 KB
13 KB 86ms
82ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/02/%D9%81%D9%8A%D9%88%D8%B1%D9%86%D8%AA%D9%8A%D9%86%D8%A7.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416f2f546fbcedef016bf7f70db2539f9e0b23500ab7d1a7788ec9913038635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
alt-svc: h3=":443"; ma=86400
content-length: 12654
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w03MIM0XieiIiED8nA5SNhh0AIXLYz%2FXMIRm0PNPuLaN4tUM3PI4bVQsrIgndDcRvpMPhWK%2BW%2FeHm5zCfkJ7zgrgf94556YDPKapWB05xvwgBMRh4J54QgKdGo0N8NWzIdCAkPKVIb%2B0XzJFud2upaQeco%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ece1e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H3 200 %D9%81%D8%B1%D9%8A%D9%86%D9%83%D9%81%D8%A7%D8%B1%D9%88%D8%B2%D9%8A.png
alkoora.livehd72.live/wp-content/uploads/2022/09/ 18 KB
18 KB 87ms
83ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/09/%D9%81%D8%B1%D9%8A%D9%86%D9%83%D9%81%D8%A7%D8%B1%D9%88%D8%B2%D9%8A.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0504a3bc414b1e7256cbb5792cced840009e2e5ec6fb3aa61d70eea4d674e15c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140628
alt-svc: h3=":443"; ma=86400
content-length: 18087
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 15 Sep 2022 16:43:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VDbPOp%2BAFZvLuXo1Fo7mJJlcTEbLAbMTwUhZVFv2t0O5ztHcjB9Z72TMIMBWkp4njXBbarBkYveLwOArGgChAaiXFZuKKnucCUCyTdCAhqbxsVesqQQdgm6rBWJi%2FGQDwtDLSJm%2BT1otpWr9HG4JYOa0K0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ed01e5c-FRA
expires: Sun, 03 Dec 2023 16:01:24 GMT

GET
H3

200

13.png
alkora.livehd72.live/wp-content/uploads/2022/10/
Redirect Chain

https://live.livehd7.cc/wp-content/uploads/2022/10/13.png
https://alkora.livehd72.live/wp-content/uploads/2022/10/13.png

2 KB
3 KB

55ms
46ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkora.livehd72.live/wp-content/uploads/2022/10/13.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7961aa3124a18053f14804ba1e5c4aff688758a575cf3716befe1e929e2249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121711
alt-svc: h3=":443"; ma=86400
content-length: 2023
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 16 Oct 2022 22:18:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDlIB2Som2ey5ompyERMnikH8rUpFsqhCX9CNwo0oAZKmGta3qgBROUoLEspwuY0LyG4saXHwyLlnJS2DgGVsUAsinchQUWCnf4Vtz9%2BRMRg3yJQrC28b9SbZAMm%2BFLZ7lk3cwpikSO%2FGmHynqQ%2FDV13pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfbe94d1e5c-FRA
expires: Sun, 03 Dec 2023 21:16:41 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsAhjG8hT%2BvP2bWAv%2BAW5hFrLyytm1yWELdsh8u5NO0J8OIGh4sIhap8vYMRMLEr4gH1TlDWqF7aOxTMM60qQ20ySF7wZVS3RdqhJjtibk1OVDuajTJagbEZK1fdSNkHrzzeGlCgiH85DmjN%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://alkora.livehd72.live/wp-content/uploads/2022/10/13.png
cache-control: max-age=3600
x-frame-options: SAMEORIGIN
cf-ray: 811c0dfb6fb33626-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Oct 2023 08:05:12 GMT

GET
H3 200 %D8%A7%D9%84%D8%AC%D9%88%D9%86%D8%A9.png
alkoora.livehd72.live/wp-content/uploads/2021/04/ 4 KB
5 KB 99ms
94ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/04/%D8%A7%D9%84%D8%AC%D9%88%D9%86%D8%A9.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caad3a8002967f41af4aef5e8a2884761e9b0527e7e72353cda819b34e162584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121711
alt-svc: h3=":443"; ma=86400
content-length: 4200
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1n0ud1gICorAsoSdyL3LjndrzWdEkXkCp6mk8XDLT1Vp%2BRCq2x5mfkPceXpZJ5ZJP6r3EafxDiOUNlmGdaVmuR6A3jODsmmeP9ikvFQmHyfh4cJb8peC9Z3yhSMHT170724t6TY8XsILpJjjdoyZ6yBLT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ed21e5c-FRA
expires: Sun, 03 Dec 2023 21:16:41 GMT

GET
H3 200 %D8%A7%D9%84%D9%86%D8%B5%D8%B1.png
alkoora.livehd72.live/wp-content/uploads/2021/05/ 5 KB
5 KB 99ms
94ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/05/%D8%A7%D9%84%D9%86%D8%B5%D8%B1.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67cbfa412469ad1d694e0cddeabc58217980c00ffc983ccdc482f8410d59c49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
alt-svc: h3=":443"; ma=86400
content-length: 4846
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 04 May 2021 22:05:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vIyMZKgSeXCEABIrhbFXfnV0EoWsKurK8vYcOl%2BZbkiVAtEDKlBdvnqGwbKUtBuGr9SR1RikLE7wtEfz6lhnLlv5x0%2BzDfBO7C3e0uBRsojvsc2P0rJSmGVLMdrnmaMjnkUYs7WYBX2sBC7GgbPphiOl7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ed31e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H3 200 520.png
alkoora.livehd72.live/wp-content/uploads/2022/10/ 2 KB
2 KB 106ms
101ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/520.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab24c84ddbc6ed75af647be619fc664fb9645362861859496d01f555ca3d77cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121711
alt-svc: h3=":443"; ma=86400
content-length: 1808
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 10 Oct 2022 10:05:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9Wl87qpH5VPFkbOxJsrAHml4Obx4jtfOfj60%2B4iqM4yi0PULI7zVmDL5eCrqgpP1t38bon1Zp48wec%2Fy3KjdtyzmAGBPT71xLSBJH03HLSWGdNWq4wsOhUGKgSPHbMFsjueQJKWjXIKFJwGKSKPe%2Bk%2F7ZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ed61e5c-FRA
expires: Sun, 03 Dec 2023 21:16:41 GMT

GET
H3 200 %D9%81%D8%A7%D8%B1%D9%83%D9%88.png
alkoora.livehd72.live/wp-content/uploads/2021/10/ 5 KB
6 KB 107ms
102ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/10/%D9%81%D8%A7%D8%B1%D9%83%D9%88.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e764aa230cc90d428441144faed7de79140185a08f306e9d46fc3b5708dc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214036
alt-svc: h3=":443"; ma=86400
content-length: 5432
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 23 Oct 2021 21:35:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7GEey7sCOAOE9Lzs2isDO%2F0Eq1%2BDf4I9L9FxYEdFG1ndiB1KmSoyLAzdddJmoO9aZ8be8%2F6mQFBLZLbGUoW4q87djLW%2FpXKjLA3%2Fa369hzBeTWo2PNre9fIjssTux6IP7KhiMIeUaRjWz3moAVjqMLX9hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eda1e5c-FRA
expires: Sat, 02 Dec 2023 19:37:56 GMT

GET
H3 200 %D8%B3%D9%8A%D8%B1%D8%A7%D9%85%D9%8A%D9%83%D8%A7.png
alkoora.livehd72.live/wp-content/uploads/2021/05/ 5 KB
6 KB 107ms
103ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/05/%D8%B3%D9%8A%D8%B1%D8%A7%D9%85%D9%8A%D9%83%D8%A7.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e94f821e73b752d49ca2754a6718083e742e7939abf817decf678a37311d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121711
alt-svc: h3=":443"; ma=86400
content-length: 5249
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 09 May 2021 21:28:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkfDhu1f2NySM3ZUmjyKPAaxptLIevwo1X6ckU1j2UxZfC4AZV9lR5Q4LmhMKreWlzpKExYK9JVTVwq%2F4ImRepGHnB3HZm7kYTxP0xPKfRkBrzwT0aZKwDJiBKqTTGRqmzr2KrIMGUVg0kMMxedLr3xTo6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6edb1e5c-FRA
expires: Sun, 03 Dec 2023 21:16:41 GMT

GET
H3

200

133.png
alkoora.livehd72.live/wp-content/uploads/2022/10/
Redirect Chain

https://live.livehd7.cc/wp-content/uploads/2022/10/133.png
https://alkora.livehd72.live/wp-content/uploads/2022/10/133.png
https://alkoora.livehd72.live/wp-content/uploads/2022/10/133.png

1 KB
2 KB

48ms
48ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/133.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55832ab2fcd87f64646899500bc87f11021c32c4ebf2d5fb654337872ffe22dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 488171
alt-svc: h3=":443"; ma=86400
content-length: 1286
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Sat, 08 Oct 2022 21:52:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPULw52KU1kvx9zGNcHEVZUyBNXSJn4Oiz93NQgGaxT6O9u9oasWfefhAs%2FWY1t7TsjwMUrgcj2JMQcD1rqeeB7T4eY03Pj8TvQVydnvezUMyG0e5Lks63E7qaQV5RUwYDBr3j0AxJ8H781GURnp4wHGD00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfcaa1c1e5c-FRA
expires: Wed, 29 Nov 2023 15:29:01 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533717
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8h1lZRSvszAW02vJ49%2FwZQZWNNIKgyPmzV1nn8xkUpNpI4%2B6mMrEhLLg3Ig55xLdSB6xdIPZiD2DataUsA4SJcjNWzCXsXB1QKpfwqu9nidM9RxPkF%2FqFn%2FqQAeUINb6ApXbbUtcn6nhAl2scZy8LCqDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkoora.livehd72.live/wp-content/uploads/2022/10/133.png
cache-control: max-age=5184000
cf-ray: 811c0dfbd9411e5c-FRA
expires: Wed, 29 Nov 2023 02:49:55 GMT

GET
H3 200 %D8%A7%D9%88%D8%AF%D9%8A%D9%86%D9%8A%D8%B2%D9%8A.png
alkoora.livehd72.live/wp-content/uploads/2021/01/ 4 KB
5 KB 108ms
103ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/01/%D8%A7%D9%88%D8%AF%D9%8A%D9%86%D9%8A%D8%B2%D9%8A.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7c683ee2dce4490cd4c3adeba2c8b14d6e834ac083dfcd0114ef19e710ccac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1111669
alt-svc: h3=":443"; ma=86400
content-length: 4069
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnwOvZpWbqxLUCmEnxl0qIGLm82RWyPvGDzmmMl0t7ytpobdGYQ%2B6%2FxibcLuZLCJM%2BhbTAcMRRejtNT0FsKP1%2FahcNVYsX5rClgdavfu9Be6S5omaOPfjf101K4Va8SRgS98xjQVJyBjAMAuON1y2C78ZOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6edd1e5c-FRA
expires: Wed, 22 Nov 2023 10:17:23 GMT

GET
H3 200 %D8%A8%D9%86%D9%8A-%D9%8A%D8%A7%D8%B3.png
alkoora.livehd72.live/wp-content/uploads/2021/05/ 5 KB
5 KB 108ms
104ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/05/%D8%A8%D9%86%D9%8A-%D9%8A%D8%A7%D8%B3.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4ab61d7d93936e5f8c38dc7a83403ccc7fa45b7641e3606f09fee1bbff204b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223998
alt-svc: h3=":443"; ma=86400
content-length: 4738
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 03 May 2021 00:17:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeFaOGkFh6PMmQODhPfG5ibuZ6HArEjn%2B5M5gMH3YIaOcO890Uc2zuU%2FrhIZbqbEvKiv46utg9O6sWFXjS00jvqJMC8qU8E3FyS8uF0tsucYLLhN%2FgqRLitwSNLX6FMdNNp4c7Y5c9RcwNKTWPuV5otFzdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ee11e5c-FRA
expires: Sat, 02 Dec 2023 16:51:54 GMT

GET
H3 200 %D8%A7%D9%84%D9%88%D8%AD%D8%AF%D8%A9.png
alkoora.livehd72.live/wp-content/uploads/2021/05/ 3 KB
4 KB 109ms
104ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/05/%D8%A7%D9%84%D9%88%D8%AD%D8%AF%D8%A9.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ecc87894306d2daf7128a6f6231d9826456b7482555fcb7e17ccf6b7404b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214036
alt-svc: h3=":443"; ma=86400
content-length: 3247
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 06 May 2021 23:48:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FV0tgj7MDQwdlnf0XZsTWAug8NVcLKP181zlCqCTIQgRxo7Ha8jh2tIdasD7s8XHtYkREKlgA0ifM3GWqmgPOOGPAg6VAiM29NYX7oB4Dn9dgx1LjQy8PlrOzoO2%2F%2FGVQ0BeH6aPTIPQtFM47tk1O1FZ%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ee21e5c-FRA
expires: Sat, 02 Dec 2023 19:37:56 GMT

GET
H3 200 %D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF.png
alkoora.livehd72.live/wp-content/uploads/2021/04/ 2 KB
3 KB 109ms
105ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/04/%D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14b5819f087cea4d77d69162f0b36c910b87d07ea127ba494d9dcc46c9602eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
alt-svc: h3=":443"; ma=86400
content-length: 2154
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhCtBZJTv3gefDLQeFEIAEa1pMuLxc31b%2F3YjQNShjVEsromyqiGsEp7zYq9jSsQm7Pus0wXe04td1Khv76dOnAKRidNpic28pPx%2B0FVMugM%2BdP8SfOhxnm%2B%2FQocHKeFKltmX37mbhraNpVdkFVonAi4EHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ee31e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H3

200

270.png
alkora.livehd72.live/wp-content/uploads/2023/08/
Redirect Chain

https://play.livehd72.live/wp-content/uploads/2023/08/270.png
https://star.livehd72.live/wp-content/uploads/2023/08/270.png
https://alkora.livehd72.live/wp-content/uploads/2023/08/270.png

7 KB
8 KB

46ms
46ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkora.livehd72.live/wp-content/uploads/2023/08/270.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4929e50e6b4549dfd2eeaa74acbb7d399334b1ec608b34aafc44a07435cea085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 205401
alt-svc: h3=":443"; ma=86400
content-length: 7512
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 09 Aug 2023 23:32:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVzmdDYrwtBtnd9OEmr%2BFkeljfwwGHT9UGBupyK1Mhy30Eqjr62loRKW0VxiX%2FhMdlBBQ3P0YoRGH0UhESRa%2B2a%2FKY4IXbpNxxgqn2ZGENUmLo3kK8Bo6HtvrTHmso104l6jAcJUqFqEU0fL0iPRC21cIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfcba291e5c-FRA
expires: Sat, 02 Dec 2023 22:01:51 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1844396
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5%2F7WfL0bl1YaGsXDTaZ%2FWjxbx9dsWdSvRYXVtAuPHwNkKsTvobJOHQC%2FZ03BSc8Q1%2BtoIg0IIv0QA0Ih6G22sae4S2sfnD72Wcq5%2FeXrqTMyvX1Y8YUl89X0xRq3tzDFDREt8vVxRVHv5gbPc1%2BEMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkora.livehd72.live/wp-content/uploads/2023/08/270.png
cache-control: max-age=5184000
cf-ray: 811c0dfbe9511e5c-FRA
expires: Mon, 13 Nov 2023 22:45:16 GMT

GET
H3 200 %D9%84%D9%8A%D8%AA%D8%B4%D9%8A.png
alkoora.livehd72.live/wp-content/uploads/2022/01/ 2 KB
2 KB 109ms
105ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/01/%D9%84%D9%8A%D8%AA%D8%B4%D9%8A.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6335db25e2be5d4177c35df8fc23434b617227d12f5a17083bcad0b074ac00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121183
alt-svc: h3=":443"; ma=86400
content-length: 1552
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 18 Jan 2022 01:13:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HeZ%2FXaibFl5QLMbXFkyOLEqFLmUFhrn7bbVk4G036e1rJv%2FFL8e%2FgTepbA2CPwpplgitpCQ2MHPdht1Uei%2F%2BaEvUejopPchy3wocXTo8sJPd3QqsQDMupmsAxr3xbWQ8PF9VC9B0m5M4oOmSWEJ20I91bM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ee41e5c-FRA
expires: Sun, 03 Dec 2023 21:25:29 GMT

GET
H3 200 %D8%B3%D8%A7%D8%B3%D9%88%D9%84%D9%88.png
alkoora.livehd72.live/wp-content/uploads/2021/04/ 3 KB
4 KB 110ms
105ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/04/%D8%B3%D8%A7%D8%B3%D9%88%D9%84%D9%88.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c9804856307a239e1673990c74428320498a2fa411767747d5916b308d0857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121183
alt-svc: h3=":443"; ma=86400
content-length: 3105
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIZP1o%2BJqQ6UVnI2cea%2BroA3Q3XvI9ExEPqipQNSR8k4BznxZOahv6j%2F8r6kC9Upz9TZuGRTBXwerQ5IHGLdGreexze3CdVUebSRjBq6hp6pWEi4q3pSnMTsb7BcFv8o6iFj0AYjqt%2BVfRKHNbsf8gtklBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ee61e5c-FRA
expires: Sun, 03 Dec 2023 21:25:29 GMT

GET
H3

200

164.png
alkoora.livehd72.live/wp-content/uploads/2023/01/
Redirect Chain

https://w.livehd7.cc/wp-content/uploads/2023/01/164.png
https://kora.livehd72.live/wp-content/uploads/2023/01/164.png
https://star.livehd72.live/wp-content/uploads/2023/01/164.png
https://alkora.livehd72.live/wp-content/uploads/2023/01/164.png
https://alkoora.livehd72.live/wp-content/uploads/2023/01/164.png

5 KB
5 KB

47ms
47ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2023/01/164.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6b65d3d4934da9190378e1006177eda35227dc8445bc3492172ec352e61df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223998
alt-svc: h3=":443"; ma=86400
content-length: 4996
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 23 Jan 2023 23:53:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjV296TovUpT6vbYg64Bru5wL9vVnzUvGYOVSUHk6VY%2FHhHPnjZsQKI8MT2o34ien1bXcVwA5QDIL4DvRkE%2B3EG7j7uRK62iU0cSkRJsx8qsSoDav73XD1inQ0BkkbnAP3HJzeAKGk44fIV6Ej5C0VDcGcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfcca3a1e5c-FRA
expires: Sat, 02 Dec 2023 16:51:54 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 205402
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugRD36AWFKhk%2F0zhIu9L9HPH8oQqf%2F5T3kwRtS3cotTNqdxjvOcuURp7fXUcgFUr0sBl4lc%2F03Tw7apcn7gQHgyxr5SC5jlQ%2FG3f9BsdwOmlphGL%2BfuD7ooJMGxRrykx8MjIZPBQwzo0zTi9leoyNVfavQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkoora.livehd72.live/wp-content/uploads/2023/01/164.png
cache-control: max-age=5184000
cf-ray: 811c0dfc09701e5c-FRA
expires: Sat, 02 Dec 2023 22:01:50 GMT

GET
H3

200

297.png
alkoora.livehd72.live/wp-content/uploads/2022/10/
Redirect Chain

https://live.livehd7.cc/wp-content/uploads/2022/10/297.png
https://alkora.livehd72.live/wp-content/uploads/2022/10/297.png
https://alkoora.livehd72.live/wp-content/uploads/2022/10/297.png

2 KB
2 KB

51ms
51ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/297.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2790db0ea910b3d1c053f6b304ba8e70aec94d9323453bd3ae0920a032feaa8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 542293
alt-svc: h3=":443"; ma=86400
content-length: 1573
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 19 Oct 2022 22:04:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPIpTiTZpxVrcHJZeXiXitYEMQDttMc%2F%2FdZiscA%2FFqe5iI3fvaBQ40%2BoyxEJH%2FNZOHX1Z59Vh%2FgjUr4nisRem7sLC08KBX76%2FGD%2BqVuwwGub3gHRK7oLkrWQzh9SLWN4Zy1F2bRWoPxVepFEAkX0vTRZ6QE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfddb891e5c-FRA
expires: Wed, 29 Nov 2023 00:26:59 GMT

Redirect headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118680
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poHM6FLnGFWXlsYbHUW8CAED0M0s%2ByROZPBexgImRW%2FsPfqv2JfBX6ShdYJ8fAlES6Q6kB0edErHQuDYc%2FvJZWUrNnqP79vGvh8f%2B%2BttuFzpm1L%2BjgH1RJ1RkxRupjKbb20L3RJqAZBqVPwLA5GjW51f6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://alkoora.livehd72.live/wp-content/uploads/2022/10/297.png
cache-control: max-age=5184000
cf-ray: 811c0dfcba2a1e5c-FRA
expires: Sun, 03 Dec 2023 22:07:12 GMT

GET
H3 200 116.png
alkoora.livehd72.live/wp-content/uploads/2022/10/ 1 KB
2 KB 110ms
106ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/10/116.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a649d511a66be9f62d7bf8ad58cd9f615b86d7b2b8c9bf54a3135bc5e569c497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121711
alt-svc: h3=":443"; ma=86400
content-length: 1460
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 08 Oct 2022 00:23:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xORC5SjPfPnK8DR%2BtaUCxCyB2znMUdLC1folmEQuZ9RcafpES1t6tgVKg%2Boct5qRqP1FbNuD6r60z%2BVKe0a5SOECM8I5FIFEa2Igrslak908uYPbZtvISzYH2L9jYRp8%2BW%2FwtZoE%2F1gR0Qk3x54ccWnap7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ee71e5c-FRA
expires: Sun, 03 Dec 2023 21:16:41 GMT

GET
H3 200 %D8%A7%D9%84%D9%85%D9%8A%D8%B1%D9%8A%D8%A7.png
alkoora.livehd72.live/wp-content/uploads/2022/08/ 8 KB
8 KB 110ms
106ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2022/08/%D8%A7%D9%84%D9%85%D9%8A%D8%B1%D9%8A%D8%A7.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94fdec09288ba9dcf0e6b13f531c4a4fd9d65929f347d512460ce0fd6c9cfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 583872
alt-svc: h3=":443"; ma=86400
content-length: 7900
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 05 Aug 2022 21:18:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t06csyVaPzjNImRKKm0iftRkqJxw9ARG0GoyIAvcF0atJOIpAuthmRl8v%2BdazaYQvKbCu4QFEXkI5GBhZ%2B8wnfwZ%2B68ABzQRRpPRwDGycA8DDrrNOPkOSRha4InAdCwhFCH37xAriwJDxE6cM4a0%2B1SF%2FMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6ee91e5c-FRA
expires: Tue, 28 Nov 2023 12:54:00 GMT

GET
H3 200 %D8%B3%D8%AA%D8%B1%D8%A7%D8%B3%D8%A8%D9%88%D8%B1%D8%AC.png
alkoora.livehd72.live/wp-content/uploads/2021/04/ 12 KB
12 KB 111ms
107ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/04/%D8%B3%D8%AA%D8%B1%D8%A7%D8%B3%D8%A8%D9%88%D8%B1%D8%AC.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2580e5b80634bb81a7a719263b45a8338d82662f5b03d4643e1570b9e1aa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223999
alt-svc: h3=":443"; ma=86400
content-length: 11823
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXJEiDiyIyXXW%2FwwxTvK652zQHdXr9iLnmkvqyih92aR%2BQFu6Rhg9A03HO6GhmWtwv3iUeK4vhNYAOODtjEXoT9Ul0wvIGL1OP83CuXiVaCAymNPY1JhfprVIU5juCzO%2F0hQuqh1jKgYXgz5eiCGtcLFcCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eec1e5c-FRA
expires: Sat, 02 Dec 2023 16:51:53 GMT

GET
H3 200 %D9%86%D8%A7%D9%86%D8%AA.png
alkoora.livehd72.live/wp-content/uploads/2021/03/ 11 KB
12 KB 112ms
108ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/uploads/2021/03/%D9%86%D8%A7%D9%86%D8%AA.png

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab315dd2a1f25ee22e8d37deebd23957ebd5a510b28114646b886d7ba5099d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139646
alt-svc: h3=":443"; ma=86400
content-length: 11626
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 21 Apr 2021 23:47:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BavLm1LD%2Fu9gYjdZY4b3YeXrxpkHs4PcehFu5Jx83%2BjLdXpk1Lxo9HI1J8Gx8EdvWZdAveIEMWck17l2v5yCaV1KGo8Pfae2qGceDb00ZaQHGEHU9LteyGz%2BVqqLBu%2F5Iev8k1lhZyyXOCFoOlXgv9ZmeEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfa6eee1e5c-FRA
expires: Sun, 03 Dec 2023 16:17:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34099957-2

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e436c2dcf1165119242ff0a90b60883a2cc1a5a46269bddd102eeeb95bb8768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68938
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/ 57 KB
17 KB 171ms
57ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js?ver=2.29.4

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11546001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16837
last-modified: Wed, 06 Jul 2022 23:03:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62c614dc-41c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NwH8zS8kh94JUumRno%2FZuIpDF3qx9ygNFbYOcMSXITzNTI1fBlAWZUvEG91Qie79KKWFiuXArjr%2BKenvqeE%2B2P1hy4H3tD59BAHzbYb0Vmf%2FbYIVs88v4IKbS%2FkbkE1t2zDq1A3Jmf8%2F2C9bwEAz049"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811c0dfb088e90ee-FRA
expires: Wed, 25 Sep 2024 07:05:12 GMT

GET
H2 200 moment-timezone-with-data-10-year-range.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.43/ 41 KB
10 KB 160ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.43/moment-timezone-with-data-10-year-range.min.js?ver=0.5.43

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4541068197d1c1139b529987b03db202070cd3df77a20ebde2edeb6e96d83144

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7813362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9732
last-modified: Fri, 31 Mar 2023 11:00:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6426bd50-2604"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieglVxdm%2B36EZVIGJVcTyELn9rcjgdiGgF7Er3uVRmSq5ykhcFFbHVozJEzGL7CGzlQ0bSFoa97LA1YX6NCb8rAplxgaaCieTlznBMjQKiVjcBxIEoF%2F04glg9vOlMpIRpg9kpVy0r3GOPnBUx97L%2BgM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811c0dfb089190ee-FRA
expires: Wed, 25 Sep 2024 07:05:12 GMT

GET
H3 200 AlbaSport.js Show response
alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/js/ 19 KB
5 KB 67ms
61ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/js/AlbaSport.js?ver=13.3

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad1ce966c974313970e63188acb96723fc1e43379d797b33240cf8f5f4427c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193688
cf-polished: origSize=20406
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
cf-bgj: minify
last-modified: Tue, 23 May 2023 15:12:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUBszI1OpWDw%2F%2BqcYIIsut0TZ3rC5s9bb5o1al97yH4%2BhrZ5Rmau1%2BtRTxbjxnV%2BXQaM2Lk5Dc5D6LlRLYL32eYIuVXIIG4513F%2BUyupau3hSQqGUwD68d1V%2BMK%2BBnIc7xRU3m3DAjj6tJXTrwoT6n537IE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0dfa6e9a1e5c-FRA
expires: Sun, 22 Oct 2023 11:30:24 GMT

GET
H3 200 layer.js Show response
alkoora.livehd72.live/wp-content/plugins/advanced-ads-layer/public/assets/js/ 17 KB
5 KB 67ms
60ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/advanced-ads-layer/public/assets/js/layer.js?ver=1.7.7

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193224
cf-polished: origSize=27959
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 14 Mar 2023 22:12:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKAtbzqeRLF%2Bb90rKXMckDWX3UoIRwqfs7evsdeWVosa5djo0QDhHVFXYkpg%2BVVO3B%2B4vXtqZx8C6VRSXiAFP8bUJIf9D82fW3GQi8ycXMmAyskkKtLIJZoKIfYOuWtuJ%2FW%2B8W%2Bu4UUFsuuSC0fNCLhQOMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0dfa6e9f1e5c-FRA
expires: Sun, 22 Oct 2023 11:38:08 GMT

GET
H3 200 sticky.js Show response
alkoora.livehd72.live/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 4 KB
2 KB 73ms
66ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.4

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193224
cf-polished: origSize=5914
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 18 Apr 2022 15:44:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JcGr%2FoEcMZSd5YnIG2uZA9Ub2toO5taoQnoHA3psisazbZiWaroARjSpGQb1L9VV9XctBfcQrgyORYX6n41TRlIqcBr%2FG78yCgj5TigJ5ovI29CpYrxcHNezOQhBVwM55ogVBwfpCICVTy2tCbqyOekiXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0dfa6ea21e5c-FRA
expires: Sun, 22 Oct 2023 11:38:08 GMT

GET
H3 200 advanced-ads-pro.min.js Show response
alkoora.livehd72.live/wp-content/plugins/advanced-ads-pro/assets/js/ 6 KB
3 KB 73ms
67ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.24.0

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193224
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 15 Sep 2023 21:57:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8tZ%2F7Foxkb6LKMNP%2FNQKJclQzOwPDSJdCsClLhkMTcifTUXqGZUa3ZKKRVuC1In%2Fl2JwsjtPOxFhCUnpGXYUEC6APU8%2Fs%2B7%2BjHdRW0sPTu7o3KfDhJJU7R2CEnRRou82HTyq%2B7wUpOcQmMAWHvxIUAvG5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0dfa6ea41e5c-FRA
expires: Sun, 22 Oct 2023 11:38:08 GMT

GET
H3 200 js_composer_front.min.js Show response
alkoora.livehd72.live/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 74ms
67ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308627
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 17 Jul 2022 00:39:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfO8Ozq5eRSrI%2BpNtNrcg00uEpLEbKorJ0V5SYylvx%2BvG38BXP2bF3GJgoijODCukL9GrFcBTuqtmCf%2BtCpU4u2zrLk8IOvKGzVt6V%2BxnqiYVWtVw8tlZgDsjWrkiniXGLkZd0qYD5guEyNg%2Fg5YLfezddE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0dfa6ea51e5c-FRA
expires: Wed, 01 Nov 2023 17:21:25 GMT

GET
H3 200 a1795d5a6065285bde5d2d25c732222d.js Show response
alkoora.livehd72.live/wp-content/bs-booster-cache/ 231 KB
70 KB 113ms
109ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/bs-booster-cache/a1795d5a6065285bde5d2d25c732222d.js?ver=6.3.1

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5235011a320038991ae0e2bd29ae6930863a4dc44095f9f1049fe7d822806053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193688
cf-polished: origSize=237684
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
cf-bgj: minify
last-modified: Fri, 22 Sep 2023 11:15:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cz0rd12qUxuhpfvKTw2QwJRJ8JLZ6aV0Sd50hj%2Fmm2E4lE3y%2FJLFFhILrampmm0SWAa%2FnMrGjzM3bRRdZKpPDRv%2FDW40ghHobFg0lqQBJ%2Br9Vp0sTacen0uSwQveJf6dSu4AzUfRGwMZp6fVZh86D4Iteo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0dfa6ef01e5c-FRA
expires: Sun, 22 Oct 2023 11:30:24 GMT

GET
BLOB 200
OK 73c9059d-c2d3-4293-8dab-446e2a2b8f09
https://alkoora.livehd72.live/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://alkoora.livehd72.live/73c9059d-c2d3-4293-8dab-446e2a2b8f09
Requested by: Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 159ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 494873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 13:37:19 GMT

GET
H3 200 fontawesome-webfont.woff2
alkoora.livehd72.live/wp-content/themes/publishers/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 72ms
50ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-content/themes/publishers/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/wp-content/bs-booster-cache/8c54031241073ed868cf80c3836b3fc5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alkoora.livehd72.live/wp-content/bs-booster-cache/8c54031241073ed868cf80c3836b3fc5.css
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193228
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 29 Jul 2021 07:29:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwpwdPqwgzcgWge0EF5GVA1TTzMd6oByhrlBy6E53Z5xn3M6pqDftzHkfrihYGgamgJbCvooJXpkp1m23Xq5Zfv3PFZfEQTLtHXhCGExBgY4YTHgQ3V8pyLPydvAtzMb2Oj8Tb9qAECE%2FG5VV86tXYmkil0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 811c0dfaff871e5c-FRA
expires: Tue, 21 Nov 2023 11:38:04 GMT

GET
H2 200 DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 239ms
120ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 18:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31448
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 18:06:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 169ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 45904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 198ms
84ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 10700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 04:06:52 GMT

GET
H3 200 com.svg
alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/img/ 754 B
994 B 59ms
50ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/img/com.svg

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc567c997abd62a245f8a83d82f6ecb6da56f7e40d814e8db2d1ed096228c674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 23 May 2023 15:12:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLhgf%2FQtO4A%2BTA2IKqdMn%2BBESRPoW8lLVpZ3jrIx4o8TtEk1imtg5mrwISRTHG2tEXSfDDEJSxk1JN2cO%2FMQ9ZPMdmpHwdicx4plgGw9wzc9AIrOsXtTJtN24GKcNBXHRGt5nLVg%2B0K4RChh%2FdehnI%2B4GoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=5184000
cf-ray: 811c0dfb0fac1e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H3 200 tv.svg
alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/img/ 1 KB
1 KB 59ms
50ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/img/tv.svg

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f6a791b59aa71a798884cd452b38c37db49485d7c090a9cbae940a49889cef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 23 May 2023 15:12:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8n%2FGMQx0U0UL3LM0TJ1gYlLlJ2tPQ8QCtoYO4y99s42DHjYAYjNj0FQSFh29nuirOl2DCbBSgkJsetm0EGibiba3XGLalD%2FJ7L5w9eThaJEk1ubtHJ2o23wp4AWHX7gBLHNRutCLWOm4RlEuoYPQwVlnvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=5184000
cf-ray: 811c0dfb0fae1e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H3 200 champ.svg
alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/img/ 735 B
1016 B 68ms
59ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/img/champ.svg

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de4da33b195ae3ae4ee56ee1d9a0d3104c5d1614502781f743e1dfc9f52ea5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193687
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 23 May 2023 15:12:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epJ3Gk%2F8nmX2rYBN9H6AlPb13kpVMn4RClhZ5XxMI6tCprISeFFNBdMAYX1N54j2a%2BHx2jfMkazYCuO83fUqOr8XIyIW2JZPy%2BWiACAFH8YnJs03sDrcviGea13U2SNFRenIGLNiQgz4tQIM05Mbh595ovo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=5184000
cf-ray: 811c0dfb0fb01e5c-FRA
expires: Tue, 21 Nov 2023 11:30:25 GMT

GET
H2 200 DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 180ms
96ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/wp-content/plugins/AlbaSport/assets/css/AlbaSport.css?ver=13.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Origin: https://alkoora.livehd72.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 03:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31147
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Sep 2024 03:06:04 GMT

GET
H3 200 wp-emoji-release.min.js Show response
alkoora.livehd72.live/wp-includes/js/ 18 KB
5 KB 50ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alkoora.livehd72.live/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/m/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1192986
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 30 Mar 2023 05:51:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhKNtgDqt33VsNxK99%2BW51wGncW8HguUSUre5wJevWfzDSx6leKH52uwqsv3vtgI%2FCUoeKSbS9dSQ5KCL8G4vmUUcpzvgKkzcsoK0xKr7HLtUXONmknzVIpnNXNxsv334IXAMicICVjgcsImuiKsGtr8nQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 811c0dfc19831e5c-FRA
expires: Sun, 22 Oct 2023 11:42:06 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 137ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JSE7HX578Y&gtm=45je3a40&_p=640100102&cid=31718114.1696575912&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696575912&sct=1&seg=0&dl=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&dt=%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D8%A8%D8%AB%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20livehd7&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JSE7HX578Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://alkoora.livehd72.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
66 KB 56ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34099957-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JSE7HX578Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56fd96e45dd49f496a619f9eab6fa4b877a41a1bbe6c749f5d4cf4be40b17c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 380 KB
129 KB 193ms
109ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6113467694901384&plah=alkoora.livehd72.live

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7253644072714154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5428e1ea7dbf51a0f714aa4f3ff7323b06933dc9dae33cef4aed50cb2ae11346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131790
x-xss-protection: 0
server: cafe
etag: 13049499459140878789
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame DB0A 10 KB
5 KB 134ms
43ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7253644072714154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Thu, 19 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-78G87YLVGW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34099957-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abe4b3eafda7f9ab6cac6d9f8b988bb9899dfdacd65514b41bd6c72c490e6099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 07:05:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 147ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34099957-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 05:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4530
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 06 Oct 2023 07:49:42 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-78G87YLVGW&gtm=45je3a40&_p=640100102&_gaz=1&cid=31718114.1696575912&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696575912&sct=1&seg=0&dl=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&dt=%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D8%A8%D8%AB%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20livehd7&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-78G87YLVGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://alkoora.livehd72.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 146ms
48ms Ping
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-78G87YLVGW&cid=31718114.1696575912&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-78G87YLVGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://alkoora.livehd72.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 139ms
52ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-78G87YLVGW&cid=31718114.1696575912&gtm=45je3a40&aip=1&z=2140598389

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 137ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=alkoora.livehd72.live&callback=_gfp_s_&client=ca-pub-6113467694901384

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6113467694901384&plah=alkoora.livehd72.live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b32776df2edf8a7b022cefd96b6e5de809d8fc92e98b53c56fee19dd8e664fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9497 333 KB
72 KB 707ms
705ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&adk=1812271804&adf=3025194257&lmt=1696568712&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x810_r&format=0x0&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912488&bpp=3&bdt=678&idt=317&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=335913105674&frm=20&pv=2&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=382

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebc6accc9bee53144f96190c4162533cd4f7da2b9476f88fb99b80d5752f5fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 73456
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:13 GMT
expires: Fri, 06 Oct 2023 07:05:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=alkoo-771007734&cls=alkoo-header%20alkoo-sticky&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D170 116 KB
39 KB 577ms
575ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fb4cab23297a8472724d8cf2b9433c707ae1c5ec2ecae915eda0d6c7f89bd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39596
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:13 GMT
expires: Fri, 06 Oct 2023 07:05:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1604 35 KB
14 KB 455ms
454ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=3972443666&adf=3315005860&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=438&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=5&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WUZ94tHKdB&p=https%3A//alkoora.livehd72.live&dtd=443

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

723ac4031f9dd9aca8693222b53207f84901329424b6d48734dd320306052fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14503
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:13 GMT
expires: Fri, 06 Oct 2023 07:05:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9CE5 33 KB
13 KB 1405ms
1405ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76fe3b76578aa5cc44c354cc49f0ff254eb8a8f58ac61ad31690418773d53417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12707
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:14 GMT
expires: Fri, 06 Oct 2023 07:05:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 47ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=640100102&t=pageview&_s=1&dl=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D8%A8%D8%AB%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20livehd7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1078409874&gjid=881186546&cid=31718114.1696575912&tid=UA-34099957-2&_gid=121602020.1696575913&_r=1&gtm=457e3a40&jsscut=1&z=905701199

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://alkoora.livehd72.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://alkoora.livehd72.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 50ms
49ms XHR
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-34099957-2&cid=31718114.1696575912&jid=1078409874&gjid=881186546&_gid=121602020.1696575913&_u=YADAAUAAAAAAACAAI~&z=1500966491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alkoora.livehd72.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://alkoora.livehd72.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 138ms
50ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-34099957-2&cid=31718114.1696575912&jid=1078409874&_u=YADAAUAAAAAAACAAI~&z=1907929400

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-34099957-2&cid=31718114.1696575912&jid=1078409874&_u=YADAAUAAAAAAACAAI~&z=1907929400

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame ECB1 183 KB
57 KB 288ms
114ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR-xqQAAzJcGrReeAAsYDs95OLhCvO1cD0aqtQ&u=%7ClLdtP95kakDMkMRRmZk%2FMfpQ4QvKHgB07ZNJma7yvQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860e_9IV0S2gFP06EEBzfwu4ZpL8qMB6If6kCVlfQ4tbd-dBdNulPSd_DW2SnsRxTv7lxiAS88V1gwiQJ3C4mZ98WbpHYdQKP-A4PWzJDiwARVH_pf0Xx1GdSWlbx369gJfJtIqp6hEb7j6fHlZvuSY6AgBWGQtcBTwkx9Qv0s7b_nMxL05pY2qQfCzfOs8BGAVhkY60VpCv1DuSmQvxkGeQXr_SwZwLc4P-voCYDHa8srvEa3RZiWIG2MAkYhRZQwfKM4w5L-anibA3UdRyLkYF8xvNRE57OfDb63XQsml7TWKlaWK_WAApBs0OALJwBG8_Pvz9bz2UCUAbckkWqUCBI6TAeHyf8MA_5miASL8X3Ga9K1dP33g1-h2Ux4ckm4g3UZPvq0SsTNhXurfTvsJfTwqMV4d8NSWZA3NlIyqeHiCxHBG1PTgEZmyNiY97RKvOMiYKQOfwuOFiKAdIniNtMDjw71q76ZAGl88IcpQiWQwI8RFdXRidD13iqrGXPd2pNmPASQp-BXBB3tIExmtQQ8YeT2OAVeE0y3dvfo7YBLEsHjXH6gm4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMIAkqbEfZZeZA56vtOUPjrCssAPJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAh1YeZ02r7E-qAMByAMCqgSFAk_Qg0Xz7CWFC9hU6tmRgwfAY23KdtWvp-pzpZBH_44VDdYArLiHckCKYb7kWmcYEG9C_oE55BW4TINtp4DFNduRgB0pqR4_5QRUtWpDF5CEzJUpsE3Z63-7wl7vHpjg187TcfRC0jlIQ4CR44hUGKsshjXWAb7QOSvty4-Dl-I4mBmN9M5qhkwvs8Dl8IHGikYhjijP4ykt3ql9W4CdoeSlftV7JUaIYgL9ecKzoaDwa7XJg7jLWDmgRSMYEhokiS0L0G-2jyid4-skJj9C2loxX-MAyYSxuV2CQLKkakTyjBfm0H42VhufjwKKuEfA1eZenIIskD4HDcGY349xEPeg8Wo2boAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0soWd6Jfanv6CYp6zhLXkKz7hLRQ%26client%3Dca-pub-6113467694901384%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=3972443666&adf=3315005860&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=438&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=5&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WUZ94tHKdB&p=https%3A//alkoora.livehd72.live&dtd=443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

65fb32591cdc41235d6917b617f4e8c85a01f84e15d4d50ec6c5494564ac8f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=EBgRBO1GkA40qZJkELN-Uxu0RKtMWlujGzunPBEH_dP7nfXzv4RVT_q-pkfU028eMpMr4AJZUAN1cG9__D9cTEsWp8xCJvfzRsi1I2K42EfYT9FPPhQOHQ0rVxUu2HIEQPVBCeKb8W_aRMVTRbhXPYsNzJwxjzBVjTpkfPdpDQhE_D8ykPjw2BSFv0J5QG12YlAS-roj3KhW7ykoLVRo3QjZL0d7IwfrzDKIVgf0iq-LbMEBh1fZSp6Ig490ubgUuo41Qw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65578988
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1604 3 KB
1 KB 218ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1604 20 KB
9 KB 213ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1604 187 KB
59 KB 229ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D170 4 KB
751 B 51ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 07:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 05:44:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 07:05:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D170 2 KB
973 B 73ms
71ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame D170 23 KB
9 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D170 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D170 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D170 187 KB
59 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:13 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame D170 37 KB
16 KB 260ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 15:26:24 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8001524470988312695/ Frame D170 23 KB
23 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8001524470988312695/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b4f6678c21e7d156c5198de7facb999bcc44dfa3cf032f510582e82f060b747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:47:13 GMT
x-content-type-options: nosniff
age: 83880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23262
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 11:15:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 07:47:13 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12937122679658741731/ Frame D170 2 KB
2 KB 74ms
73ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12937122679658741731/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8952c4fa3d17c07083624e544f615118d869baac6db6ac731e6a9f7905a09908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:50:24 GMT
x-content-type-options: nosniff
age: 62089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1646
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 11:15:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 13:50:24 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 154 KB
53 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58486c58ff9ff1ff2068b0521eb577462905a27d264b6b41d6238085a6c9e463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53740
x-xss-protection: 0
server: cafe
etag: 1429238232303432134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:13 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 90 KB
31 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7253644072714154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

518ef8c9b9137f85564014f334cb05d0093bc0fe9964cf6dead59010bffd25af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31665
x-xss-protection: 0
server: cafe
etag: 12550607060446916216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:13 GMT

GET
DATA 200
OK truncated
/ Frame 1604 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2ad721f9785870e5b2376493c295cd256eafcccda329bdf717363b9974838c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D170 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 187936dbcd2d140b6e6accba8159082bdb2da348900dd3a462acd0ffc0e7ec86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1604 0
23 B 88ms
87ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAa1aqbEfZZeZA56vtOUPjrCssAPJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAh1YeZ02r7E-qAMByAMCqgSCAk_Qg0Xz7CWFC9hU6tmRgwfAY23KdtWvp-pzpZBH_44VDdYArLiHckCKYb7kWmcYEG9C_oE55BW4TINtp4DFNduRgB0pqR4_5QRUtWpDF5CEzJUpsE3Z63-7wl7vHpjg187TcfRC0jlIQ4CR44hUGKsshjXWAb7QOSvty4-Dl-I4mBmN9M5qhkwvs8Dl8IHGikYhjijP4ykt3ql9W4CdoeSlftV7JUaIYgL9ecKzoaDwa7XJg7jLWDmgRSMYEhokiS0L0G-2jyid4-skJj9C2loxX-MAyYSxuV2CQLLmaGVgDIQ27djmccETr-sutmDKY-xwhACYWAOh_36G85fp2mOAGIAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02MTEzNDY3Njk0OTAxMzg0GAA&sigh=9CDPsjJZLeA&uach_m=[UACH]&cid=CAQSSwDICaaNU7DaYfaGqtA6RXItI5ynzdp_O3FpUitUVr_OFamkG2Rw8g0fuJyEZoIz3SbhtWCAvxKD4ILy2zaSLLDVn9IaiIzK30ZerhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=3972443666&adf=3315005860&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=438&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=5&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WUZ94tHKdB&p=https%3A//alkoora.livehd72.live&dtd=443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 07:05:13 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1604 0
126 B 182ms
50ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kpXPF8z6RLAJmAKdg2ICAgAAAFWwAtmqxQ14So0YjBCosR9lfgHT-24Bdl8ZuAAAEgAACgpBUVVCRHdFQkR3&wp=ZR-xqQAAzJcGrReeAAsYDs95OLhCvO1cD0aqtQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:12 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 152566
server: Kestrel
content-length: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D170 16 KB
16 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 45905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D170 15 KB
15 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 10701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 04:06:52 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 7EC9 10 KB
4 KB 42ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Thu, 19 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame AA37 10 KB
4 KB 44ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Thu, 19 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame DF19 10 KB
4 KB 53ms
49ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Thu, 19 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame DD61 10 KB
4 KB 53ms
50ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Thu, 19 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame ECB1 2 KB
1 KB 282ms
50ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR-xqQAAzJcGrReeAAsYDs95OLhCvO1cD0aqtQ&u=%7ClLdtP95kakDMkMRRmZk%2FMfpQ4QvKHgB07ZNJma7yvQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860e_9IV0S2gFP06EEBzfwu4ZpL8qMB6If6kCVlfQ4tbd-dBdNulPSd_DW2SnsRxTv7lxiAS88V1gwiQJ3C4mZ98WbpHYdQKP-A4PWzJDiwARVH_pf0Xx1GdSWlbx369gJfJtIqp6hEb7j6fHlZvuSY6AgBWGQtcBTwkx9Qv0s7b_nMxL05pY2qQfCzfOs8BGAVhkY60VpCv1DuSmQvxkGeQXr_SwZwLc4P-voCYDHa8srvEa3RZiWIG2MAkYhRZQwfKM4w5L-anibA3UdRyLkYF8xvNRE57OfDb63XQsml7TWKlaWK_WAApBs0OALJwBG8_Pvz9bz2UCUAbckkWqUCBI6TAeHyf8MA_5miASL8X3Ga9K1dP33g1-h2Ux4ckm4g3UZPvq0SsTNhXurfTvsJfTwqMV4d8NSWZA3NlIyqeHiCxHBG1PTgEZmyNiY97RKvOMiYKQOfwuOFiKAdIniNtMDjw71q76ZAGl88IcpQiWQwI8RFdXRidD13iqrGXPd2pNmPASQp-BXBB3tIExmtQQ8YeT2OAVeE0y3dvfo7YBLEsHjXH6gm4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMIAkqbEfZZeZA56vtOUPjrCssAPJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAh1YeZ02r7E-qAMByAMCqgSFAk_Qg0Xz7CWFC9hU6tmRgwfAY23KdtWvp-pzpZBH_44VDdYArLiHckCKYb7kWmcYEG9C_oE55BW4TINtp4DFNduRgB0pqR4_5QRUtWpDF5CEzJUpsE3Z63-7wl7vHpjg187TcfRC0jlIQ4CR44hUGKsshjXWAb7QOSvty4-Dl-I4mBmN9M5qhkwvs8Dl8IHGikYhjijP4ykt3ql9W4CdoeSlftV7JUaIYgL9ecKzoaDwa7XJg7jLWDmgRSMYEhokiS0L0G-2jyid4-skJj9C2loxX-MAyYSxuV2CQLKkakTyjBfm0H42VhufjwKKuEfA1eZenIIskD4HDcGY349xEPeg8Wo2boAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0soWd6Jfanv6CYp6zhLXkKz7hLRQ%26client%3Dca-pub-6113467694901384%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 07:05:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame ECB1 2 KB
1 KB 290ms
59ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 07:05:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame ECB1 308 B
636 B 284ms
60ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 30 Sep 2024 07:05:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame ECB1 293 B
621 B 275ms
51ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 30 Sep 2024 07:05:14 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame ECB1 43 B
348 B 268ms
44ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=T-ZjrlM5f0MUAg_BvTGjTYK_zXDskrhQU8haQopnf2n-m7FXjS69QNFUjCVs_kB0PmYEdz3Hrg0fwBu9CPRMM3l4l8dqdT1B0q8SYijjuSCIG2v-XLBe9fpDxXpJ5xnSDFw_tC5r65WBf2sHD1WHnsp_b7jZrBj0rbTKkcu_kcRGCyTyDj8d8hLDyxRIf7ASemKPiG8mlRX6kbxKkYW3z6lMHKDvd4cdqRBRCC_NPv8fk7s9QbYtvVWev7ij6dS91CaMBKJWzdtSdWhfFDQf9iA_tqdY6S1E8xmGNRdUT8V1cHpUeyy1j2q9yWTJKReayEJpcImG21ON2XIjZFc_S_ptIhbloxbCGC7udLcXvpwiLIDp9Cza--lRTEQKf61zJA5rLAcrlXkyGpiPChR2S_EYaX8L0YTgY9pRO3q_nBRtZGWg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1877841
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame ECB1 44 B
581 B 297ms
73ms Image
image/gif 2600:9000:21f3:200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1696575912
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR-xqQAAzJcGrReeAAsYDs95OLhCvO1cD0aqtQ&u=%7ClLdtP95kakDMkMRRmZk%2FMfpQ4QvKHgB07ZNJma7yvQw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860e_9IV0S2gFP06EEBzfwu4ZpL8qMB6If6kCVlfQ4tbd-dBdNulPSd_DW2SnsRxTv7lxiAS88V1gwiQJ3C4mZ98WbpHYdQKP-A4PWzJDiwARVH_pf0Xx1GdSWlbx369gJfJtIqp6hEb7j6fHlZvuSY6AgBWGQtcBTwkx9Qv0s7b_nMxL05pY2qQfCzfOs8BGAVhkY60VpCv1DuSmQvxkGeQXr_SwZwLc4P-voCYDHa8srvEa3RZiWIG2MAkYhRZQwfKM4w5L-anibA3UdRyLkYF8xvNRE57OfDb63XQsml7TWKlaWK_WAApBs0OALJwBG8_Pvz9bz2UCUAbckkWqUCBI6TAeHyf8MA_5miASL8X3Ga9K1dP33g1-h2Ux4ckm4g3UZPvq0SsTNhXurfTvsJfTwqMV4d8NSWZA3NlIyqeHiCxHBG1PTgEZmyNiY97RKvOMiYKQOfwuOFiKAdIniNtMDjw71q76ZAGl88IcpQiWQwI8RFdXRidD13iqrGXPd2pNmPASQp-BXBB3tIExmtQQ8YeT2OAVeE0y3dvfo7YBLEsHjXH6gm4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMIAkqbEfZZeZA56vtOUPjrCssAPJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAh1YeZ02r7E-qAMByAMCqgSFAk_Qg0Xz7CWFC9hU6tmRgwfAY23KdtWvp-pzpZBH_44VDdYArLiHckCKYb7kWmcYEG9C_oE55BW4TINtp4DFNduRgB0pqR4_5QRUtWpDF5CEzJUpsE3Z63-7wl7vHpjg187TcfRC0jlIQ4CR44hUGKsshjXWAb7QOSvty4-Dl-I4mBmN9M5qhkwvs8Dl8IHGikYhjijP4ykt3ql9W4CdoeSlftV7JUaIYgL9ecKzoaDwa7XJg7jLWDmgRSMYEhokiS0L0G-2jyid4-skJj9C2loxX-MAyYSxuV2CQLKkakTyjBfm0H42VhufjwKKuEfA1eZenIIskD4HDcGY349xEPeg8Wo2boAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0soWd6Jfanv6CYp6zhLXkKz7hLRQ%26client%3Dca-pub-6113467694901384%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: DEYfoJDxyPIn3QbbcyKUyug_kX-hIoiwSJQz7YtWdkGDK4GILMd9jw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame ECB1 12 KB
5 KB 45ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 633217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOw3p2h1eg2Us0jUlAr55W19v5URM6VO2%2BVNjZfQh3rYB6PfGmEaLFTVEeW%2BTNbr8GSWwsdxv4OqnaYF1Uh8lD49bg%2F6UGyVGSeS3%2Fnhco4SckP%2FqMw5HZzYUUBfIXyuriuIx5QSQNFRWAXCxWo68pdQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811c0e05c93790ee-FRA
expires: Wed, 25 Sep 2024 07:05:13 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame ECB1 12 KB
6 KB 275ms
57ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 07:05:14 GMT

GET
H2 200 f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame ECB1 57 KB
57 KB 301ms
89ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 20 Apr 2023 14:26:14 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"64414b86-e41c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 07:05:14 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7253644072714154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://alkoora.livehd72.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECB1 5 KB
5 KB 217ms
49ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230502%2F6c678b4c3aaa4eb8985bff7ee55cf9b8_stepstone_job_portal_negative_rgb.png&v=3&w=196&rid=4&s=kxxuWblHzVGFH2d_0TyVqxuS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3209947ef5d4b55b88a7e0d39ab85696dc6703ac784b476abc58c7b28463d79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4848
expires: Tue, 03 Sep 2024 03:47:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame ECB1 0
128 B 218ms
51ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=EBgRBO1GkA40qZJkELN-Uxu0RKtMWlujGzunPBEH_dP7nfXzv4RVT_q-pkfU028eMpMr4AJZUAN1cG9__D9cTEsWp8xCJvfzRsi1I2K42EfYT9FPPhQOHQ0rVxUu2HIEQPVBCeKb8W_aRMVTRbhXPYsNzJwxjzBVjTpkfPdpDQhE_D8ykPjw2BSFv0J5QG12YlAS-roj3KhW7ykoLVRo3QjZL0d7IwfrzDKIVgf0iq-LbMEBh1fZSp6Ig490ubgUuo41Qw&sds=2&rev=88731&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ECB1 2 KB
1 KB 49ms
48ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 07:05:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame ECB1 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 30 Sep 2024 07:05:14 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7EC9 4 KB
671 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 07:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 05:45:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 07:05:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EC9 205 B
520 B 42ms
41ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 01:08:26 GMT
x-content-type-options: nosniff
age: 107807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Oct 2024 01:08:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EC9 604 B
696 B 43ms
42ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:42:48 GMT
x-content-type-options: nosniff
age: 156145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Oct 2024 11:42:48 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 7EC9 15 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:55:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 7EC9 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:52:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D7A 624 B
242 B 96ms
83ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUce1x7RsL_PwtkoS6UAJuWSV7k_jWm1ytIPfINArTQBX0VG8I4qrvdxrf4BYxd58qIwUF1RL6EuDbz-l0_2R1_t9sPXfe2ALcWfl1-_stYIy8XFUTmhQj8o8iYDj_ugBzXKi7tT0q_sln5yi0tM-nBM9rgRrNqtJaGTWQoFidGG9OPGIo

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4777 89 KB
31 KB 127ms
125ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 4777 2 KB
3 KB 158ms
41ms Script
text/javascript 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=67645895;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CkidYqLEfZbicPLiYi9YPss2noA6-vPv_ctiuhpWdEpL-zbiGQBABIP6DuiVglcKmgrAHoAH646qkAsgBCakC5TzTeR-xsT6oAwHIA5sEqgSGAk_QBKXmMDpmKknXTH3Qq4hdrHmT3jDrJ_eTLmdl_rjxwBJ3oub0P6nXMAwc3cqm3p_PHuNx1es095WEPGIGqhYgTSZ8mcK53RK4UJ-A6DnddaL4EmgnL99K4b2d1q0EgTjIOLRbm3XwN_QeKNtTLt2AxJjSvO3sRuDh6D20Zm8f2-q8LLhJ8pg3W30WE9odjhCeoxdrxOKxHkJUApMqGb9mEDnlhK0wYVFXh2i4sGamDl2PF4-I-N_gkahoh5spxLfcYINoifpSkmnzm4vmQtkb5smC6bniEDGa6l9D3yQbG-QwW_4YtAPMP8AcRT-9z6JynPf8xIE9Lw9F3ayMItAY_l5E9IbABLaF1MDGBOAEA4gFnpehmkyQBgGgBk2AB-6b1dsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERcgNAbAThZ6EFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&gclid=EAIaIQobChMIuJCD5e3ggQMVOMzCBB2y5gnkEAEYASAAEgKJhfD_BwE&num=1&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&sig=AOD64_3_NvtR58h90_yoSzY_XBhWtPTqVg&client=ca-pub-6113467694901384&dbm_c=AKAmf-DxdEdXlnI7md7LdJ4yXkR2L57bh4za7rcUdXtJh6YFkXXSs1ZCeiT177NHRx-HyK25siIeo3WMI107yISvCYXtIoxlxBT9vwzGoFPmHtZ3D7na9iXt260qHu2aKYhwmLUFU3VI8Um3e8JA7WZEXbpqLNZMaX6BziPKcEs0rW9ba1V8-g0&cry=1&dbm_d=AKAmf-C3M72GAd7DxAGhbG2dFPSvRKKFRWWmQroRwjHDOisCXRf_hGcsb2JAIndXF1Kxkv3rf0eqrvqQ-4_voSVsdLxf1Kmmu7NWf2NneaduKGwp5VNqfXwHMTKyTf6mLiMGzYziH_4Lu9RO9o6Mz81bDhBIzcBEvR2bvn25-bO2HvrRHxtjQtf1m2T2yOUbgkcLrOE0225DIkhT6yojeIAR0yrqP1LT_H0y5l7vwgtdWiozgzGVQ4tIZ21Iu5F7tmkZ1rX1usX7iRM7Cc7y83iUu13zzYUGeRXBWV1FGMPq4C_TVNImE-t7SyHDIUTRly23DOe8YFXKVG3pkFONxSfLKOKyrMMpneZiIfhL1x_cVCpYZhdo7pcMqpX1mSGkiZoaZxhUwO08Bm1cc0RRfnQ5E8kE-hNkf4OiSioe3HipUpKDSiulVKofVK2BHJqHacwiCM3HwvzRUcjT7VmBxPxDnME3LESOaUb8eWze4SRd9Vbylws7QNmQ7eEg1oyP6by1r-Kt3ReriS7DSysVdfVuslaaiZofruJJQia9fp41NV1sphyn4Ol01TXENUoBAQS_LgR2WZVu&adurl=

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e84bd58a8f82804de2b408f8523e3a06a03e348e5def8767a9c976a6cc4daadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2447
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4777 3 KB
1 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4777 20 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4777 187 KB
59 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4777 42 B
63 B 75ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BUFpZW8TTDHK-Vqvyf3m6n8ZqR9__38xUUx6Zv7lHMWtkKZ_rxuK1sw0CnfldjjnbcRbVeLLq3bp84hdx3Szz-K70x7v39u8VdvEyWM8E3WFk7Vu8

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4777 0
20 B 76ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7742641909078650055&x=1&ct=77

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A085 624 B
242 B 99ms
85ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUQOeUx_Wn7cvtL79r644Q-IC6HCK5Z91gyUhYyheQAttYIKVtK3UwJg64TNN1frfcp844H078tbLBWXkkImZ-FNhbM_3N3zQXnFEqdGxydKfqB8IHO8_6aMrCU3Gqz5bYtLSFy9OhyisbYPd8pyuGPl64zjOB2yD9eAD3G-9IdadqKJNg

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 525B 89 KB
31 KB 196ms
195ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 525B 2 KB
3 KB 134ms
42ms Script
text/javascript 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=67645895;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjK_OqLEfZbmcPLiYi9YPss2noA6-vPv_ctiuhpWdEpL-zbiGQBABIP6DuiVglcKmgrAHoAH646qkAsgBCakC5TzTeR-xsT6oAwHIA5sEqgSGAk_QOXExzOfxWGVtvrjNk9lwX8eCjGSsBtb95oDnNzP7X4WcK6RwJ0-LplW7Woy-hiYAZSWr_yIfHiAjvv8MQjPjqcFU1YU6jkeorlEezhsOJdGnfSQ2VDBaGB632XrfM1K1wT5LUn3lGpRumyB_M8QXe9uk7oH5PO2pVx15ydWn-mwlyNdX93TQW8eK-viP1WgXf_iiXPfZdC9hpahj9GzDAv1H-lJ6ipO0gJiHVCr7cWqOtHrgynspP7u8nI60bfk8mWoCzbSoRzQNzN7elvkodEVUHN_UlKe5tK5oUmDgr9E_uREiTpEQJFSl-CQFxKm--X16AVIIh94Vx4w_f7K4HyRuYgDABLaF1MDGBOAEA4gFnpehmkyQBgGgBk2AB-6b1dsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERcgNAbAThZ6EFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&gclid=EAIaIQobChMIuZCD5e3ggQMVOMzCBB2y5gnkEAEYASAAEgL7NfD_BwE&num=1&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&sig=AOD64_3ELwF8vUzY1txtczpF_0W0YssHew&client=ca-pub-6113467694901384&dbm_c=AKAmf-Akgx1k8Eo1cYxAJTnbduYBphMlU-wyogKluEw5NX5iPyiQANzii0PxY2TmTxXqnFNKRwKurZTc1PvgRkRPb5mmkLRFrTi6fXIi7v8b-A6WxwfyUgWhv34-OTGDAOxWs6ez_aHJgtMexImcJR8KwTvV1u4e2j5o2waHv_VzLgU_JUZGcZ4&cry=1&dbm_d=AKAmf-AuTaKDucOAwR49GyXporZLYTEOr-eGtxL7LaNEMhDcACmcK0Qc37kgumSywjvvltKnQQ7YxXYv6PYssTNG_jICHeWeUIusjedoJhv4zTKQqJcXeSDj8FdvqFMrZAZV0wFRtK8LRP5OZn0UOy2L1vaGRl3ZH8FzmsAP_sAAGpYAMFPw7D6diW7sN6B_GRbKAz5-zI-vDbgHm3Ns96GTUlnUvqCYLorFNX9235Wqk8fc5QuYN8G9VwlZ13PNlyNCZ8ZD9megadcsFd1mFHGWr_blK8kO2hvwjgmBCIgC42Sh9ZPULr5jbqybpgJjHVTWbPmZp_9MlRwa6mkxfs90i3zqkOJFYpQrpgtsW-8G-MZiwZiH2mQ5RTNMkzXiN8gmxu7_2p3nDk7onwA82hbL0IMnbBcJZbvxLYAq0AnaynxboDaFbC0JN6i3Ctrbyneej9QEUo5ADUolaBIKkkX12W7SrOoYdgygha7cvrtMO_Mh9qf6RwDQ7-KdJ-rUF8vg4soC2lxOf-F3aWJ9fY1PomNJzKjP0ZxTQQD-h5ASEY8kMmxhaexmcZb0n00Eo64lMTZkSwI1&adurl=

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0021875aecf433f9983377018f961ec321d6ab991778e0ff86d8d9d4d3f997fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2449
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 525B 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 525B 20 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 525B 187 KB
59 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 525B 42 B
63 B 82ms
82ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbasiU0KnkX1sjW72BcOTIonUz_tdlTZOq5gT58aEKnuew_5YRbheAF0X-Yfm9A8iCDBP-jEys9ftjXTKpLb6NEaf_Zdzyj7b04Zzk8gnc5LSfxRE

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 525B 0
20 B 83ms
82ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5956452578747816498&x=1&ct=77

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6836 624 B
242 B 99ms
84ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNUvw-cCDyUTPAvdoyonOFSZJ7bHhjua4N99FtPl5IMxtPPXErcCN0PtSC5MVOb2DI2fkgOdjiciMNrmeZ0YimnzBW_zT07u49YPkIuz1hwpjAB5ehmJZaVKHz8iR5TMAGJbjtaT8b--_AyToXSyVvvbBFS15d_qFoPL-wmSzDs7vB8hSrk

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8945 89 KB
31 KB 173ms
172ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1474271/71242846/xbbe/creative/ Frame 8945 258 KB
79 KB 205ms
63ms Script
application/javascript 63.32.14.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-AIFOjgM7JnC1qvUbc5jQpXPQX2iEggOzwg-chhXPQezZZuUPdNupAm7Lii7HOB6622MTYXeFHKpAKVEJr0omYh-nuMF6tt-CdIT0LY3oWF2ZetIklAzRN6NEx_9v21hArao2nWYXM8wzEkO1o4mhQBhhhiAnQd-1lCBWqjSFy1qyndbjESyRYAoCZ_4OTutSfcH6rBDNneDODDJ8LA3GhuYwp8fSyBU5MqmsQBYbYoao2xxB8d9sWenATZ30eHF9HLAwqnPlVHmdMRlTpDdlizl6kBZfj9q7n8LQh3WtP2dnBrvPFEFHLkT10zna6Wy1BJVlrMEgg6vwk3HNPZ0EoSiAzTU57-gLNDCW3MtQluZz28BizpmocBfquHNRrwdif7vjU0LBp01DFXEBw8-dKPQbQL47ZzpmK7341k3_lxKY8bG0_BVbolIqZZvHhS5CxlajLxWB4RAzOn2qpe5wWAm97gpiVQhEjBuluqf3eruBFmH9L45-tTpAZeVLI0WzDxPcrGdDXVIQLhmJL2WUT1gLZhrf63VeKX5uc0VM4To-AtHKJsrdBNmjO_bHNckxFMhkd-ThUVmTRP3mqB5QMEe2TMqaDky6_duNFI5b8cR6bfpyrSWaT5hHXXgMUxl4DzcxnMJoBuk6gmZW5m9TcUO5ZaxrZfYMdlKO1OAdk2HaV9FX23CFPp3F8IO8D7-TwqN53_iA6Gbgz2yZjNP62DAdP2UOE6THDcW3ku6_e62z0_59RhRi6dxivuMDinUhWe07PzDpCdR53NzEr5v2iO5jA_-savuqyn7o9TXsC4wfqf2-8rSLbo5a7yuY11q7P61bE-EmWU9B8u4gU3uOoUH_P30dsqQE6wKY4dGhFhsmZWX7a8ewiJwtruiqiH61CfixjyGRsB0W0YTm-4_tNT3K1ZNMpPXVMgx_dGECX272Wpv1Zfy2cfCqRbA_SyfyTolSO1VL4Uud17y16_A5NsfGJ_symEnqj4eO_chVB8D7QhgQ1gaZTwl50sUHhFF2qQZHX9ojBLUa0w6wJimhKjkMALujeuZJNyf71tK2Ptdn2zgqk_IUIq5O3FWmB3W9idy-X-EjwlVAHsKrcsQI_jEwU5pJn3clwwxQL8VCVybaLfTNDuDtvEs_VSpJqncfyV76l7bqZxQwynXVM224Ek271GALuVtR8FZ9Q9y7MXXqRY6aqVDzWt3hCUX42xJsRz6AA12cwfiFO6xvTHCvahtqjJ6xi9Xc9dQrET5HDM92GUXE9QltuPlEGlpBdGF2mV5jJ65CvY4oflYGJGPAfFxRgHX-MdSyzu8YsZfLm7o3aUMzONiXHPnCNVkJfvv1_94BM0tiutz_t0gxW-iNXw9SvzoshdsLVzMkzejF8KVdJ1z1CCyNrHNhk_wKmTriGJCr4gm0vIN0dsgaVQzHCoYZ8NyDeTMNn-MNEyF_XA99kYJeqgsqfEqn24Xf9HYxhXkKb6fWAc_cxEaA-rnhN3C7a3nn1zJzUj31HOt6dTylylvxCqQch3Z3ukxlYGdS-dAuSpl_LmoGGBC419qtDcGJP-GtMnsFoj5DWfW7ujmDYioesd3UbVqn5AVR6HvvIa3AadmegBgS8JjU1HJ5lqf4N099gdwhBELPEzxK1S1R6T7Ee4mTkU8vPOuu6657UaauY8azT6oKEFpsTQRIe1ux3DYmmCBLNA6aOMgeLMrbkqW_S1W1ya2ysJFh0s-kbiLISoIxcRCUgXD8OyDs2eaWZH_Inpd1jJ1Oc7nquCnejrzWVD4-5w0c0mN_Ykw-DrmEucDObYULZzvkxRsCN-N3F72tb6hIXRfSx_c5bPNOs0oMqlrcRIXM6maplgO0ma5BitQJBw7FlGJgRQFQCL1eLd8PlDndJJ8AREtREB7M7SmUzoh6xtkaZVPZiv_jop2rJzXnOX2VdPnC6zzlIfVIerP8XCb7-P6Sgt2NN70axQN7P9jqxp91BC15m4meIRdKq3IkzIegTNyE52i1IH5T_t0Vx8NwAVpDnEXWnfa6CVOYWGhas8EUcCz-_X6VvYkvj7jHvTMPv1GmDTGE_5TVQd8QJo1oQ3_8UF-GmEo3yxpMFnG8i216_eBByeAWjfij-QLtuToOxWOwA8ky9yFsr9-V4zmiwuHUNrktAVu7Q3iCQC8OlP4_vE3brEJjtOJoxiQ97SsmbByFnwaVMjZSkNXn47sVqUmss2Hj29tuYd584s90rkWwYbTer_BZy4VmL5vASosKsoI8Mw8XJOekxLqzhiR3YfJAtdIRwgoEqOlJAhZZQL6GlNjnSgfc3jYEexRnVfh7V6WU7l4NF71KWw_-RBGrPqikRp_kdeX8C9OswkN_-yvpfEaHBsNUKNz7SDTAdnZJAmyIL_o6_1GHFr4Da7c6kzt9vMhrvauTsWGKBgI6xK0pThcIqBBiw47eC3WwunojjrZ8uUHpccz15y9pghJ2OS4ZsMTQDK_xtlnKgilS0yQdyZFQ0lsyVe0li6Skwk-N9z-pfKRmid-bpYl49HEnMLD8Ss_Qmo2CQwHdmmyFEwPjlwGc-VNydb91I0ab3y2jAWVn9F1pSCruxPFeTciCAg24XAdnfGEXbkwMY2hml5atZqtxWB2gezDsUkmEoxvF00SGZU-l1ED15DHjkEgFS-XV25Wo8Q1XX5t1N9jnKM5eqi8Zg0m2RNWm6fvT5aIVnF7aQvLZE9uh4v9ZFqHtF6us2wCDAL45ZYTFt68MaIcJ-xtOgaR4V53vezIRvzv16i0jBl7mTbjqzkXEYXQ-h91dMtYqU7dOv3Eaer1ssLwlHzhUkw6QjANsobYGIem2iqatT5hfog_u1vp9UE8Z8xofpgNrTXyv21oUjkEdje2c1IwoLdxelsBZJLhYqzB6nIH7atWGTgBErPsHCAGiFkW3NruoIaDuN4QRwsa-WDKjpk51TNwHFt-UiXiL3ijV_R4dAFPOQ_rhCkR6nDMCDj7j9Lc6wNmdhXPIlLaztJxDjIUmuxqJtgFmY4hrDY_vyIOsAj8JReSCtyzSboLR3iMdDkLsdeBz9wtrLJ4QdvnKTxBT-qy5io8PdGMsfVRb1Hcyhp9ju4fdPUCdiJi7cvohpp9IPtg32nfgxx_hAgWxCQKgCUnoNqxCiNqq6Mti7v_QWD3fNQJUK2EdbVxYKcqlSCkQE-5Jgx-SQU4MtjKiN4aj-b3HsJsQ-Tl3DfEgj_jrgjdzJ_UdSk4AwnVJ6vgh_gpJLoNxj62bMS6r9MoDSdGxfmDKwKT4modw_0VR9dhRivkYmcguo7zJAHWxWZg4BdYr5dc270JaBk2Y_TMaTb1JQWSPKZ8IlnxYx-17Dcwn04dgDyeTYgJUhotlSyvY42p48H_KylWaj4XW7VTvq4roeIRW6rj0UDl_Z3jL_zzNAYwjzA0K0jmBCZm-XbXOQ3YqDnm-xIGS4KPRrIPEYv_kgwLRgqHrr3erHNAUvLc7jGUstvt_7KGhWmgZjmkrFzGAcYcTgbNalyZQcdL_CciJu8nmhGehnCIXAXhcWheiAucIq5-xsaW6Zem_aTS5wHmu4T32SOMsLvVn0okOzHjLQtACSXdfktCHAPWFQiKhO-9KKBqV4Q6XruyjwUK1fPG0sToVRVdVwcIVxETnaj7PRTRwu_TCGZZId5GJR9RSYdhAYFYhXUWF_OqvL07OZDRIxScWLfqVnqO9fN6mGGgbCoXaXbXXqSlnnU_1y852D_pVkcw7IjCiELUw_VgDm-sR6AO3UqYwIhhRu2u6bQIWjiHBoj40E-t6LFhEHQtrmjeXuLX1erErsMeYx8TwgJsvDVc92YKKQivXeFe_du3b4bN0PMoN0ekzAgd2YUXimuSdsnZ2_OANpAgWc72_QXrfpK1rzFExe4K_GkChhX0HJNlKNsSUSjUW31tfMHuyfpsSlsG7UOBUZ814cPw_Y5bGr5OajWAuZKiQqFnZ9Dy1jpnqSipj-_dzclVeoAUAo7YTJqpFiEoOeoNc_2J8YwtoRarmopSFIcJj2w76AqXuBndz8aUQgEEksAyAmmjf6BqQpLPyrZkUIx2c7X99EoluhpU-tSeDyKFu-q9pITHVSOU-_GnYuOJ7BZEZ1MPmtBjSBK-avvzQStS2-1NOSemOraFKkYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-6113467694901384&ias_chanId=1&ias_placementId=20123185343&bidurl=https://alkoora.livehd72.live/m/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jreJfxF1XB6iUvhxLCmXai
Requested by: Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.14.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-14-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 405a6fe253c1ffdc3838e0994e01da877d806ec4cd52dba4fb7f4089cde971af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 8945 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 8945 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8945 187 KB
59 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8945 42 B
63 B 80ms
79ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6EpLUQ1P34rBUuhqFhrhSKpHVY9PnCiLbo8RoH1Ejl0rd9Q3Mq9zrud7vBNOLDjgrZoGfV5UKS00S1zHBPzwlAOObZ0gTuyCaD7Qaz-oLe1s8DXE

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8945 0
20 B 81ms
80ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10163009356579802030&x=1&ct=76

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D170
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CU_oRqbEfZeULoKSL1g_1zL_4DNOE8LFz56HbmvQRv-iivcABEAEg_oO6JWCVwqaCsAegAcfw440DyAEJqQLhi7zj7a-xPqgDAcgDywSqBNcBT9Dh7B4qqHOZooGElDvtAdJH7hW4iOpkTfB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212181968678252846738%22,%22debug_reporting%22:true,%22destination%22:%22https://mazda-autohaus-lenz-oelde-stromberg.de%22,...

0
0

163ms
76ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212181968678252846738%22,%22debug_reporting%22:true,%22destination%22:%22https://mazda-autohaus-lenz-oelde-stromberg.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22834205767%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215091937338321955361%22}&andc=true

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12181968678252846738","debug_reporting":true,"destination":"https://mazda-autohaus-lenz-oelde-stromberg.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["834205767"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"15091937338321955361"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 07:05:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12181968678252846738","debug_reporting":true,"destination":"https://mazda-autohaus-lenz-oelde-stromberg.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["834205767"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"15091937338321955361"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame CD74 37 KB
14 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=2399278405&adf=3042914027&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912493&bpp=1&bdt=682&idt=387&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glFN5XerZa&p=https%3A//alkoora.livehd72.live&dtd=395

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BC9A 2 KB
931 B 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame BC9A 23 KB
9 KB 58ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BC9A 3 KB
1 KB 61ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BC9A 20 KB
8 KB 53ms
36ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC9A 187 KB
59 KB 76ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H3 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame BC9A 37 KB
15 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 15:26:24 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4777 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4868519466950&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4777 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4868519466950&version=m202309260101&ct=77&x=1&cor=7742641909078650000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4777 16 KB
12 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYix93JBNNDcdxZaoLzyvyhWNYadqk0RCPQVxHgUpT0pRl1y4YU28gGE-Ipp576SAfWr5muGfUZnrWBZ827pFhdIB05utww2EhDJeG84vHvvg8GtepmRHo9otcvUVCbfSPfwvGWZzUwr8iReNGHhl157zgGOvJW5WzqhulfaLxaLoY8F0&cry=1&dbm_d=AKAmf-C9Gv7Chzj6dGF9yR6INO56MlxBmQBnwWWdarKdTp2rZ3CHYzh4x8m15ccQY51Skqgqac-ZkfXi9yb_wlhrrc2EOk0V_9UecFO1Kaw14OVdMU9akX-SbQGTyjqNhTBxxIvgFO_TlYM0IgK3u0YN0g8cN2MGw8yGoyOs11vNfLiqrAEngQXIs3FR3-P9OUp2zYJEoCR8KFlJ9XF58LiTzAUcf9ajNWSqZXjsj5XCYiClmXcaey3Iya7Zf-hUiPkGk8wMoIJ-TBqAzA8BVXBpwonhhUSlg7kt7Qhj2fTbiIupHKlRc1suK3cWtK37jrJARJP0-Yd-Mt6lpANy7tgpFO-8nZ_YVqgHVVxcz3GGQW_pJg_XIadOa43DB5LEv1O5xy40G3PvjXJn1D4p_DpK_oDvrO5r7xCMjsKtLmOVK1fzktIkQVT7GKEicqvhXrQa4Vs5JKnZMxKHCOOBbwWra5zi2HN-d8V-Qzpp6Imuahswj9dQfMvmtRat6E42aDbytvw-Z8POX-kWWv5ws70hgfggwyvvNabHjbzxXksRL0uawvmCMm3yXuiOZe5EBsawF_zgQ21rMk0paRihTy148E2buVZs577F13BKwC7hCnbrLwXLYPmz_8vW60_Q0hZJzgMwVBGOM1dyGIH5r6fNtYIXwPC4VQMwhpFNFQs0VvsfiFlN1L0homz2GrFd0eUIHbDTi5poLxb0X2nn-m0_9oDFm71EQq78CIbvwzABwnxbc_mA7u6l5YHDX9bVn_GrZvF2hxDX_cx5vrajNabptTkuGJWZLPEh_OD4JUGmnVGeqenTXmYpx-wtedos-NfNqXfsu56ZiGFUHaton3akKndyoI6xA0t1Leoxrw132MNmfZfvjlqa3tTtEk5n1Dk76mSI7cXIPjYdwcWSWzqVhAuVSJNc6O1HxpXhnkYpVUyeY9SlFhuHPMAN_v6FiAITHdhffVZEOPmV1dn9RV5ibHI8H92HHZlgXoPTS4TEFrjdc8NoVeUZhK23WCLgFV1VqjKU3z97iHCgeeizmfJMblM3lBN0Q7JxuJuG-vzNVqWZFdoG14s1V9qnUamntzwTJnPS23G3pQpKU-EgeEAld-2rZLgkDzlDkbg0_E4TEmfiR-EuECWVq2EPNh8F-d6BVWrhgcRbPlcJPzEg_isw1xIluKgeB5KgPXCMOk2z3vwHzRvEVZU5r4BFOZw0qE7CoyBkcZnZCZq-537FrS_9lC-2bHcbX12pSbB3wMMy_4VwtCNUZdtvys6-IU8GhQVJqIRJlNv-MCpX_XRzsXwVKoT5JRJucOQV7HcxXGatfcrw30ypJkloWqIfNUR_-xtl1N6WyJsVUKVqi7nSJpwXSUyaX6J-Y1bXj_fctu9U7QTnO_NDiuZNUerS6DyCefRl84ZZZm2oHWhY3uBBffptN1WRWT0eZ8Rz-by4CLumFHaCSF9mDv472xtHehhJUp3qKbaGf1yGc7-iI166Lat-9_7-dujwVPaC0-F5Z5zcaQljw3gSFp7H2MJybVG_r1J72bIkvxOKv-lUYIU2kYP1YOxkXsFlbzpA7p-zF7ezgKoZtcv3Ul7cSOMnunlpHtDoFXDvfMjiYG3uWV2T0lQoAIsa3wL0UOOfMx_HVvC7NXpi3_TlepSxfZWR_kddGzw3SghfQQr3K23YkpWuCgX7BrT_l1dpIumIxMX5189myb7Ipvt4IiZjoenug9Tkj09vP2FO6-QqcSdoyGHdogeAJxu8w9hIKBdwMa2vSCp6aAZMujuNuM0oTp_-xEcvyNS7C1s4sDR0VrqrwZ6ZaCbk-S2nwaNwQpBV3EJe-iQ6VcadIrgGSdIm98lxisPAXNvIAjH5YssRcQSoAdt3lFwRwz88YRUg9KhYic11x05rHLudydjqOh4MogSkorgl2pfr_Re4UtH5R66G3E6oMekxza0rpas1yD7WYE-Va_ZsKZ8mV9vcJXOlGRM2WIEh3NvQpe1TVSOtrWYv8oT8DE2k2oCuGo3R_0qAndEQoZHWSrWQDnlzw8rVyeViepSouTKzokJXRJ8ikmWn-VzjRT9V3sahwdF0mXSU1Dsz9uFaCP_Q9oEr5kyUoHiFPgcW-mCXkfbKMo3jDI-076sR6m3eHmuW6kjkhvd8UxBLK-P2cVrfiZF_jEALu7lLI_rklnZWBksXTwQnI31cjgZbiVs17gc0Sf6k4LA4McKHNX1mLPMaGJRQfGNLCivmGFYABu15pKvvguqwtcpln7mSB0MryEe7yV9nqe8VUrmhnvNDcLxRxy_rEpzJNoJUlfCjA7cjgFIy-tDwlOu2G78qtDqVweU8pWQ9klS4zGYGUrH1ZyyP-SnrQTElr3R6YyvFL8GlUog0Wv17CzXY13n-WX-oWfRAUDSJv57T_V2AujcaXSe8nBv3XENNSVqPZEeLTZqUiPVb7dHscnQ7gnRr71l7KRU_7JTban16jCAhX0Ja4cJ7O7juK-AVpWTMmNPS4uL1HhstaiX_uOJzGt8hjEw99K43evk1nun9tsLrix0foySNKM2dPBFWbNPf4Ca6Bu9hQeKnTUS5NtyNbtzq_WGJNV8zMIViu6Y5agXQIwNR5OeABwOBylwqlma10vwN6pFCLvcuEQVG0Wb0R3a7czZ40nd1fN0K4xoQNtMIPJkF4Yd8HtmvhM_GdLDScPzLaC66EvZpFOzFyCKioBSxI0v0dpCsnKEELq76lvwwPOAEMwjjc2oL1Bfwt_rkQ7MDBinToaiEjryj-LSpIcURqpwwciHDxytnxn1IE_gqLwEYhxD0OQ4EHiIRkhhjAPAw4uXjRWGSMQ5Akv0R7sYAG5tO-6mcBJrFuoIyHoDez1BJVvuqpZaWKqe2TTcP44JrSPN7DN8IBtn_gIgPl55YPdSvTyLe6TF_mvgLOuI-LazjB5jRLzpXINp2YIsZbAUfYAMl_LbLDiAmLXD2tX3uVeLwtQLxzGelL9-aHusHSl2RJCymA7HGagmpkh4NvvcAy5yH2wyDJZxRbwQyZB266PfG1NpGOKJD42Y-FJjFTke-ttP8B3YPbPJPCWGUQBRUMu-bOiHjXMV5My9d395YD1afKqGwP1ngOkDe-C6wDLwwarieDvNXwauuStGO-tEjydmPy4WMK_aVXT3x8Y5O0R0BntQYdRQejcONlW4Ne-bkcsdqKzWSwSCYN4lFMcOIQw4BJ8rudYjdFXonRG6znOeOctJYN7rA_meRLuPblY1HvJk95V_1rMa1Qkk9WnMx1GYjEp5jSsBbzha9HxKIGMqNdWS69E2NkrJ9jTpHFEAbB0mLLhEiycgKu2_7Go3JH3tBSfqDtw6JSe377-RhbiGZNqzDIbbuim4uCCSj0zMttpfMWdOwRZI6UYz7bNuc6rLM0mShbWAw2_vjLNPEJO_peAVdnxiro1FnNylgxPvq2IOsaaV7uBdY7jBlXAMCRqetrUkRrioXuq63GrVOKxpexCHeJL-iAwu_vzftvnHWaeNsNNYAmNLX79IulnCZt5eVOPaQtEIZVJksIpgqdu4a5G7eV8RaYrw0h8aF0V-pj6e9JiiRr9xSfEJK0yavh1-IarDbxR4nzGxmnJzHNBu5Xx8_JONKgQnZ8yy4U84lPKO92caQB5stoFaYrhPU79V8y0o6qpBEqCSHloh-FWDFPVdV3BpEzfNa0s4mN6Q1a8JQLlExG_v57_I3XsSgsnqcjC0AzhBENibP9FO9APJDO8z5NDoZqMmt53r-0MICpdUqbeX78gyjDDnqmFkfHd4-8iT5rP6vZzdaQBQPBFCzE47PgoNHgSQyyhWT_NTUyGZ_ZfSlX_jUvNIDX0mUnFofGdjTxAcC0Wa26Nuco76YFjdIEhFhwaC9zvpz5bK7S9-8V-Vd6UzlLFQVwH5iR5yg5ZYibQaTAyirajedMH7FWecOCE5hv5I7om9XqJq8NIVznP_pfVg&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=7742641909078650000&adk=521587874&idt=143&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6507c0ad2d8f6a6d6964a6d0b4f99876b08ba71d7d3ed65153387576b921f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12557
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 194ms
73ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 07:05:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7D7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1

43 B
327 B

58ms
56ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUce1x7RsL_PwtkoS6UAJuWSV7k_jWm1ytIPfINArTQBX0VG8I4qrvdxrf4BYxd58qIwUF1RL6EuDbz-l0_2R1_t9sPXfe2ALcWfl1-_stYIy8XFUTmhQj8o8iYDj_ugBzXKi7tT0q_sln5yi0tM-nBM9rgRrNqtJaGTWQoFidGG9OPGIo
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZiJ3i85KT%2BAjzEVDyHWKBJCB5VBZwc6mq82w0%2Frb7voMFee2d71PCOVS8O8y1qTOk5JkH7HVqB%2BPT6tjn6795SA3FiyM7GpuxOOYlTP3cmRrFR667PnK%2FbN0azqSHkNQDcr2l6vjlLqFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811c0e08dba2380a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D7A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR.xqmcgXYsW1xODJOAKYwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2

43 B
764 B

56ms
55ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUce1x7RsL_PwtkoS6UAJuWSV7k_jWm1ytIPfINArTQBX0VG8I4qrvdxrf4BYxd58qIwUF1RL6EuDbz-l0_2R1_t9sPXfe2ALcWfl1-_stYIy8XFUTmhQj8o8iYDj_ugBzXKi7tT0q_sln5yi0tM-nBM9rgRrNqtJaGTWQoFidGG9OPGIo
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpFcW75mW5l9EIqbsST%2BDYVBT8JhF6rfEIyOa5oXM59IcpGTzamg2bArKCtIScjcxmaohoHcUngp0y07Xxy3TCSBtoVNjihfIWPimuXNYScEmr3G3Wse7wkDtZ7pTmVYEjkmC1ViDRk7oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811c0e09cf3a9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 7D7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7rfLXHE7aH-dOYOkpltD4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

43 B
893 B

46ms
39ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUce1x7RsL_PwtkoS6UAJuWSV7k_jWm1ytIPfINArTQBX0VG8I4qrvdxrf4BYxd58qIwUF1RL6EuDbz-l0_2R1_t9sPXfe2ALcWfl1-_stYIy8XFUTmhQj8o8iYDj_ugBzXKi7tT0q_sln5yi0tM-nBM9rgRrNqtJaGTWQoFidGG9OPGIo

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: 3fbd7dd1-ec2f-4376-97dc-131cf12556f2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: a0286530-c3ac-49c6-bca2-fae53f71538a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D7A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D

170 B
232 B

57ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: 2e56aec5-d4af-4cc7-9006-8d92c25b0153
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A085
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1

43 B
432 B

55ms
53ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUQOeUx_Wn7cvtL79r644Q-IC6HCK5Z91gyUhYyheQAttYIKVtK3UwJg64TNN1frfcp844H078tbLBWXkkImZ-FNhbM_3N3zQXnFEqdGxydKfqB8IHO8_6aMrCU3Gqz5bYtLSFy9OhyisbYPd8pyuGPl64zjOB2yD9eAD3G-9IdadqKJNg
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1na5%2Bf8WcHzJe%2BEQFWJZxt6Kx1QvwJ7dJk16KObl2jC7qz1hOYihAxTIsckClgDH7fj5YstRQOI8XvZsLichv%2F1%2BBW9oj3DRHZDBQO%2FxS%2F380N7iBwhoDutREVA59HLhvmd%2FH%2FlOFw3wg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811c0e08dba8380a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A085
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR.xqmcgXYsW1xODJOAKYwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2

43 B
732 B

61ms
60ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUQOeUx_Wn7cvtL79r644Q-IC6HCK5Z91gyUhYyheQAttYIKVtK3UwJg64TNN1frfcp844H078tbLBWXkkImZ-FNhbM_3N3zQXnFEqdGxydKfqB8IHO8_6aMrCU3Gqz5bYtLSFy9OhyisbYPd8pyuGPl64zjOB2yD9eAD3G-9IdadqKJNg
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4lABA8eRhdiDcRv4k9x7o5VEUjNUXcdYgTR58EZ%2F%2BtWIsiJKUyRX8zuQK2Pf0Z4XB5mrNXq%2FB9v5FGw0koK2c83JxBEpmMoOwf3EXvCbkpDO2M8fclfejtFbgid%2F5hVcAHxMesgamBpeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811c0e09cf3c9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame A085
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7rfLXHE7aH-dOYOkpltD4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

43 B
893 B

39ms
39ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhCsuIT9ARi6q-P1ATAB&v=APEucNUQOeUx_Wn7cvtL79r644Q-IC6HCK5Z91gyUhYyheQAttYIKVtK3UwJg64TNN1frfcp844H078tbLBWXkkImZ-FNhbM_3N3zQXnFEqdGxydKfqB8IHO8_6aMrCU3Gqz5bYtLSFy9OhyisbYPd8pyuGPl64zjOB2yD9eAD3G-9IdadqKJNg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: 7a465753-6731-49a0-ad74-5dce2db0dd57
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: 6720f40d-11cc-4439-a5bd-754db38aef20
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A085
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NDUzNzIzNTI4MzY2NTg1NQ%3D%3D

170 B
232 B

50ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NDUzNzIzNTI4MzY2NTg1NQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: d038924d-123b-495d-ba28-023a491746fe
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0NDUzNzIzNTI4MzY2NTg1NQ%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 6836
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1

43 B
342 B

53ms
51ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNUvw-cCDyUTPAvdoyonOFSZJ7bHhjua4N99FtPl5IMxtPPXErcCN0PtSC5MVOb2DI2fkgOdjiciMNrmeZ0YimnzBW_zT07u49YPkIuz1hwpjAB5ehmJZaVKHz8iR5TMAGJbjtaT8b--_AyToXSyVvvbBFS15d_qFoPL-wmSzDs7vB8hSrk
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P%2FjhE%2FcuF0gDWTI%2FtTwryp%2BywtV0Wv7DiVEWbd6Y59abhJ9T%2FZX5AGjrH9G9gwrW5eWt0rKjk3WBEF1eaMymEY%2Bcw6PwfJWEPMUGp0SkeVgodyXzlXfJVOgxIU5UCZ7HJH24XAIrOQo1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811c0e08dba3380a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6836
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR.xqmcgXYsW1xODJOAKYwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2

43 B
735 B

63ms
62ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNUvw-cCDyUTPAvdoyonOFSZJ7bHhjua4N99FtPl5IMxtPPXErcCN0PtSC5MVOb2DI2fkgOdjiciMNrmeZ0YimnzBW_zT07u49YPkIuz1hwpjAB5ehmJZaVKHz8iR5TMAGJbjtaT8b--_AyToXSyVvvbBFS15d_qFoPL-wmSzDs7vB8hSrk
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9Wv9V0BE8q%2Fjr4d6BKfqa4U5yKLKPhA9%2Fzdzz%2Fcm0zOt5uzzMLW7RXYvbkkMdpL2JwGtAsP0sPlchfG5ghzkEjPfAb23BKp0XIxAHNI8Srnh0RtyQ87eMQ9UGPs%2FfdnGqIvWOABRKcXTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811c0e09cf3b9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRHSQz-mNFLqNpue0ZXd6Q&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 6836
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7rfLXHE7aH-dOYOkpltD4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

43 B
892 B

47ms
39ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNUvw-cCDyUTPAvdoyonOFSZJ7bHhjua4N99FtPl5IMxtPPXErcCN0PtSC5MVOb2DI2fkgOdjiciMNrmeZ0YimnzBW_zT07u49YPkIuz1hwpjAB5ehmJZaVKHz8iR5TMAGJbjtaT8b--_AyToXSyVvvbBFS15d_qFoPL-wmSzDs7vB8hSrk

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: 5618256a-61e2-4356-92c0-12412c41ed49
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: 77435e0d-56a1-4b7b-ba0e-9932013c14da
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7rfLXHE7aH-dOYOkpltD4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6836
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D

170 B
243 B

56ms
48ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
an-x-request-uuid: 49a74634-b46a-4a04-b11d-0c4af050fe94
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjQxOTAxNDUxMTgwOTQ1Mg%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8945 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9511983248263&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8945 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9511983248263&version=m202309260101&ct=76&x=1&cor=10163009356579801000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8945 16 KB
12 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV20591eIIq4FNZ72r6AK87MoqpvkrZHN_iMNmDOSCNYst0kV_K5p5SNHsCvkC0Ep2VNxZrPF9Ajy5LdSgNnaw2jfoICS6D1PUs-fbefEnVaqnNDSJHLIVw5j5A6JjC3pe9IDfeVQbs41HJK7brKAHkx0PtQzwdvOx5mAZOb1Ttlyqf3I&cry=1&dbm_d=AKAmf-BSR9U-SqA445A1NCza-iF6JQekpA_kkZWj2bVjhIkZeENiQ9E0vQaCI-amAULFDmPKYOloPsTm891LFxAkYsJPYAeX59BtuHj9AYQrEGIhG6YJpZ0Cm52jyXe_cH8m_BDR1xKbMXE1zW_w26ab57qE_eOW7UlW8vRZLQPOmvcuViwF54JClF9Qdizw6blsRwHgUg7iZAvr7_j20OtLuref5f4-9VAatpd9audba7l2X76jY-jtVqMNLztS8z8GWf-kKEl_fEjABfA9qH7O5Ei4HyoDs_g05786q_2e9qb7Oob4N1QKOli7YSfOoZDV9Lw236YlVGP7G3NLd6gnnglf7E-DCR6F-08IinO4gLDem64y_lsexvgjw5h1uuGDsw_MXY625MJfcNBs0eXyGyanRm7o0RA7SkD7QEOHYWuK4SdUuBKM7ZK4Srv_G0QO02ftDFSFJjuuP1hn3LZ4W01MJlLPgH0VgyaNTFRu2m3XenfkV2iOf41QHmMuQOrkXGxsXSQZ7X7XnSWaPt84HojMNFFYJcyJHLjj_HJKteeDaFJmKbdz6IaQ326c_W1JiwsUJtH0_5B2bdEjEDoSja1bvN9F-SmX59pCWXpZujENK4utnTsjntehZ0zOaLbVDbKkuQRuDNqYI7-5-dMGcls3pDs20KE11IMZWM1UfpyOuH0N5KiBRtjWgOvDWQJr5agwkg5PpKI6SBOmvy-3yQbrMA0ejGl1aZhF1uYeiIfYGBueF03l_lo1mY2hAbpBQDTGbTwHagl1zASeIC2bFMxczaLb18GckCUAqxh7wvzUp7fUBHgEbtKqY3jt8uyEMnf4fEFfQ0YleyXjt_8ogsGDh99HuvRos293cefi1ZHhTinL5LRfitaYd_dlUHZM-K-DzQWog4hPPuk0E0tjpSzeDRyk2zLwCgnELHvpAQuAMHISql4RB2tSeu7hHWyG3qN4jxiRWXMFg9uHWhcgjZAaHhjdwIjVJzFMyYxKxTINIjxl8O5TeKbKVEjW6EgtlDSp-LyLKyhfhYiK7h4FAPHp_O_Tpn_ORvnlSJDgC5WFnO8t0uyAAm-sGp9mIqj1UoJsV9XkUaRALKqk4gHXykKZlz49BxHxoGpt0dvnojXtB1pFgKF27RWs35H9dvf7qK9Mm871rDgAgRaJ63d8QdHvKsDvukI471HfefSwGhdeBUeBe6FzkpayMe6huFxOLJa5JGMNCOFjLPdvyARr72sC_UNJB7dYL17DpgcqCCrRlvXpc4knCR_GjdpkHhHBClwnyKSn1HCdQLoBnH9f7xOfSO_zWWmGcSEkpHkt0qFgoDwipXZVm-nqktEuiQ8YT7Q2HTE3h9FNJYHS_cbgxmfaEGo8U7CIPYUqSlAUXmz3-MuqVaO2ozeOEUxul_ZgjPFou2daU-NA5d0eAxBhLYpgGbFkUPWGEgoRK-Qh2IkXxxZVygz6GZlQDNdM_lRNDNgNvAlFTMRSmejzQTjN4cgU3AAMMthHf4gYK1WMCLcN9ZttpK09VZWeP601WoOWDi9Z6SwxeRjU1juInQ6lq7wpnKKCV3rzTKIb9itr7eUZXGF6uNO871rvZa6nY7H3_kLJkDRgG4Gatx9-CFdKoOcgpWPC5FNqd3lIZ0zcWnflGyyXxgmIaC39eh4LAkvtaaqjhw6c22A7xSEWlAA-YMBE8Qh0OMX6qguK3fBsqUp0UfqjjeKFMpSGyKGkyHPL8OdVrR7l-W_QaRDPuDyTGHGVzyITIAZ9HypkotA5s1xMyLrDoMkSvL2mdG0Dqryb3Opd_ooZd9u5P5CL5NKWm8f30esql3MTFS1wes-UVKMNM3vFgbjxI0eGbRoHt5CviwCA6CXW-B5gQpYne70XBoJ-WMbk3ZZdATtj5JB4NCTVehs1UNuZlVSgAIfsLwTtXMY3sXmAafXdM0rjY5e5kwEoE2oRpAJBmfuCGClWi2jEMEZgc3EJi2AP0IYuACTK4IEquXRcI8wECScbtTdu46WJylQUnaM_T--8sEBouFxAaZvwb3VQppa8nt5HMEtyl06mcIxT5FRDnq-pmRRGF9PegxKYgErF8A9p65B4AYbX4EkpAQps7ooQdGDb4N6PUgEwm1zrfiF6qBHrbTmtw-raibzf1uVe1GvzW3yCItky6Dgx1Of1b1IMEGivaGZBeYdxZcIvjk8FDvTAjHOMbeuDLqmYaLxNg9JNjpqyM3PcVnOc5EWWmTa1yTGTHIgsESg3BFRDE1yzq6YMfgCRBY5hlIjAjir6iZoyCpj3Y-682MeG4-GnlWzzg-1yE5cAs4mTh_g8LGthnpvXM8bztJHNRhicwuazPQ8ndlhXdHiuCvr3Cyfu6oLfto17RaUakyU_iofUyIgY5D_NG-DA-Endw3kTQjNZTCQYALGA0daE7LY3qQNOLjXP8dBpvZzB5YjTsiyJYp0gK4qUry8-U0QtsD7chUH9hVUu-RytlpJw-hxiARSFHR9lRH3Njq93BFebvwO4TwFO5t4fepKQRKhRhGYd91SfV4nglKV3te11EPSrQ46LCg_-HGnIlgfJaOUR2LFOSWC6pzo0376gMAAOVnhDMHmBW4R505v9GsW27GM46qIj-48AKOyXXaiyw6xNnWFXmhTqm5-SNU2Wg_91TOvYCQ8bJgl6j2FOnKw3UDJdqI0SjYcrVZfxUI078Upr-xV-VukZKcCDty0NGJLhRxgU27d--KHrXENPJspr1cZj22MDbgmp3c6aX0nSXzFPa_0FL4cHDMsmOJufhQh9KOSl7o2NUYNDJD8iLs1dQ1k1xNpasQ7JOPehg0GsM_BJHaxv8FJfxQjKUw3AXsc4N4OhsGfPY9B0oB2jdPV9FSZbFkHGMNHQbnl-HtUwD6CxQYXkzzPjXwbJU3HLU6RlaTiDtawnn4cuO8Ur0gdy6VpXLSCaFhqheSfl2-Pl1UqrZVGvlSK0U164ZvUFLq3PrSf4Ds12lCDM3cHHHoj2qf4rkK4UGsXckkF0A3c-Sr1Y07Hjczs9gwKN6nYOqCOUbrLhvpjhEe8LMh48naw1kPygtKxBrV9n1Ml1zQ6zBk9CHVl_Zn67sPzQHAZbDFF3I80H9WMrAqxe8mmPxX-4XDmNj4G126wjm3Y_ILjxUTyTeNJUcW7DWMljmwjPKxDZZ2LwRg&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=10163009356579801000&adk=929882891&idt=181&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

654ae90a0c6574b479192d49d22ab7f296c38286e41727c8ac412b2a4fae9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12091
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 525B 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9387845979018&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 525B 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9387845979018&version=m202309260101&ct=77&x=1&cor=5956452578747817000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 525B 16 KB
12 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADvzrl9JaW4-pSVSjmiqiGoxOvocBh_1wRVngvnVrGW_T4VeF6oTR2IXC0ZAyJxozd6HMYJBczzxAjHmKXM3Mx6NS82fP5WXushWfeF8TCkccsLkxxZrWzgAUKbx24deWNK8lKMNlGw3BtqmhaA0TqwvC9qIIitEPAcspRII3heuYvb7k&cry=1&dbm_d=AKAmf-CJWBR46kFUV4asS4nizSeB0MdlrtbkyVEOa6HzhLPreAwz2rBZNXtHn1xQOLdTGWCuS73tA8xHwzfSGu3cL3DFUyOdgFgq1DVdEM9fyMwrE7oYjvnRkDh2fWbD2V0HZJX8LuuX7R9LpxiFNhSl58U4_LbMu4QSdKRz4nOhu-wVc14Gn94SJubO7ieozx_Euye1INX4Ma0IOwv1bMB2QasJTknpmweenax0u0Jq72XMgkFCz0G85WgjMRkz9yh9HQaBpEl3J6DH3h5lI-JUsfW3ODqWiJIi0m5BadbmLIkHs8QmL4ODmKSLu2WJUJ9HaLzm2PRVCiRH2YxPHFWsfnV1lQ2e3e4tytECO7v4leBeaWIK3Thg6XhsfK8R1CTnI4EL687yVFb5gvxPgitzIkaYEgBgJ4gynlfixyL-aLSpcN9_LuRB_Zhbxtr_G-ieHvsliMhr7AGb2i9Z0nJ4bHhsmAlQSD-W51K1BLYf1sImMCfNyJcHvrqFzsWM4mVC325grkO0VP0ftoY2kEdmJDN3iLZM5HF0GHXnhET0nP6yaBnGXSJWAm81kOTDo278J_Eap-XYDCaBZv8qNklxGb8RTrqWBsvRFzD3eUJhu6A2cp6cZGoNX64FjsZJ2ylSOZ-DqwEbfbofg9XEZDMc2ZNeU95TvtwtU2OiMcsyUjNEToNClfDmR1sRvRPNNA3851-8FRCaoqe3qLYzlE3q3JciJrY3UCjWj3AirFd6IOXw2yB3RbvrwibwkDfiPFXdjxv0b58A62LyTBqFzw6bMNSGY0BZ9V02q0DUYZkCme5fMG3AEyAnZwdn6eTGvBmqNo3XVP2E5ris2BbsetsZViRIo-UjzAFy27LOD8-ha4pmUBDyJoEVe465ngCGYkMh0Kx-uvivW9_ZkK2bRKTT_WeNxi4chK6dHsOkcsQRx3ib_vBuqctRmzqW19z9eenGuN-QQ1m7cIxx8eet4r9t_WdEvOf60EjJqxIhhAk9mI4BcqrYvJqtIErN6wCQPmfONetP2pzBz7VRRlVLiIpbw8W_b1JjCICWGb2lBUWksROtcMWx6KC_ypFVqYMfygfHJ9KG3TIJZkIYkLyYnHO906GrAAofRQkRHTt9V_KIgDuoog3M5krNkXn3jaJiaQtiPcEdUWwB6vayqOUgymgmX1Hbj0StcKYXKHAY4-1TKAwEW7VN8HQrYyUFBy8eKzVUnzHVv15AIH-tffCgWSP4Q_g_GRqLwlvg8Fao2xOFMztZB7VQx5fJkIYgNyv-Kzq7lnHTfB1688_G4shsGzG2NvtcxJdhbo3EZNFYu8T_p9R1p0fP4UH_dmTGQthCyRxavHeZ4epBM2MyOwb18wbXJ6lk_zCnrx3di9mpg4_ZGnGWrU_iqI6EzFPbksA-hO6CD8fSgY8lTBUXSDUTRulcPUuUhimaM_cdH4fasXcD2jSWfaJ8NFPPGePTIXk-HfdfsjdZL5x8cfl97zKr3uZtBoq3FGeV2IgcIj2sJ6fI9Use_MonNXua_prlDd8qPaHjsmcS6ggshk5jvdzQ1gbbEpe2lesCe224V7rCJjpAYN9yLwW4WMfCoPgZ9nb1oCXIanjfKkYqd_A7dL_TOsIhEWDm_uUOqJ5BTSMThq-D66GmkM7T2bLWZLwdh0YJpgn1fwoCkur_HmKhPCzyGUYLH0424YpnzHN4IaB2_F4bx_udv897F6DwL6uKOWBuYN-Eq9IHZtMt_HLhSgHpzzV-weebXqpYT8c0OAVigEXQLlz0Jx3pqun2LbCO9eFZ1GvwoJ7XLyPM6xQPqJt2jZ8z0VDVTe7fHWZqR4l9mN3EqIeblkyY3V_rQ5Ic3LU_K_4PEQfr4OZSDpgSmJbmhOUWb-rH3rXaqBeeouVGeMG48jbx4hbQHiBGtjDEEN7YnKlrM8qlHconlCfo_9NdUGEgIXv0QYU9Y8L-vsk6lvr1w93bx0QSb6eCgYCmepJ2YtL6vOpy89OYLkPt4_DmW-J_qkDbZfdGmymLMaBA27YhOnm4JJPsazt59RkX8yuCzDWYHwFSupr64VFd09HKmHQNdXkD8s5FtFjYRcNoVJ8ngmovD6BjOhCkXyTvS41Zc4uC6Oprmb4sN6KGzwzN_NSkHK3Bwy515goPZIxwRvPADJ9uzLbyGiqABJRZSDFBTpyMyrc4C-hxFRT2mK9-95-3JUHRq3rMmQ3tN7sKkcdHMgXsBVqiwRcr2S2FAYLAf95Dbx8R9HsH0gQlO0F1BfXKWnNDygymueW98kaN7X5gjYgqHRPgl0R_SvDPdjsSbamXWrN9TUKyvJyPtH-ZbNpLkxEL_VrmjL-unv0UrXs7wLBk0xsgXOh2aF0tpUFxlMaBAEZKGZvsDntLLSwsvb0o6bay57QqrOjajIdq5pdeO-Z59KPL4odLsgoLKjPvNDtQZtFrO07Zi09DGdLhdGFKRZ-AkVC8Ua52VsNu6mbp7SmoYad7XKC6PJIxUMaIRSel_6If7QUjfF1090XcoSqtpYqB1JRB4oWrscINuCHIVZXVx87sLyapwID_LuPQ-BkBns3a3-_IUH8VCfsyZssjh6n-L_2fQFwdVmYiP7eOUqA7Uj9Fh7Pyw1z2CdoYip_ngPf0l-qnlNywAgnYAJxHcozlhJLxcLGEcQ7UbcYf0t0psVic28rtb-feA6pUvwPD2T6eBT7YD4NWCQO22UW5xHOYs-xQe6irsezqhGe2xWy2nMvuKhwxkaExZC1VmWRxK_p-Wkv-ICz4Wgfet-SUxx0KNFmRuStJCMZLz3XWB1_xFDZbClpt3jJO5q8o4QkkI-fejKqGKt1ubfycn8o7KtHSXbXCaNiXekhFkLQoupCVjG0BrpRrsVAbb1VE5T-YvURMIbXoertBYyUf-yPlE_o_JOb6vV-5Q5B3lnidrw1NUrkwKgZ0qXAuRnZlrBwLBO57i9KRvvlbpAONlCVQuQI15i2uAQSgnpwgqHJ75ECvWwvotO5FFoqQKR6EKtnrnRAf3LFQ8JR7ZjXOi2PeUnwMKT4Zi5JtqWO0z6nadQwuavD4OToBZwlltqPlXACtHezk2JyppG_JlL8becP0XSXncOZqnTVG3cHR4VNTdOCzqin8aAm87_c05_mj_21mbGidJAuq2kpRnQ0gcWFkdsxZjcK4UuuZLEWExcO9jfQGKQEEM-XLrDlnCzP07myMp2rCUPksCcMbsVapDT_lTNGSsVCz8oN-yOZVKvPMBJqn5CMATWr2YwOv_dgQhQb0X5mxMXj8CssFpEznC13gKqnQaIg7jEhu0eUg02iJY6KkoLkjg-6ZAnLASNJQWLh1s7qy7wAQUeiqO6EAg9yrQt_o7MEQcBS5BH8zO2w-u4CVYP1s3ij7tNpDKxW-5LORsgcfBbTYcI5we8xD1dxedU33dCPn2KsLwPhE4G4Zy8GOacJ27Q1Gd9UoGME2I3fCHnM8Gd1Ovm3jps2oTi87R_1Qy9SE0Nyv8Y67vSdf3RKhThfZFA_VIf7adgPMMZ6CbPQG-w0FZcKo7QzsTP1huF2oCf9LWek46EExrutlRxS9cE1WflWhe4cf0semq3m_sCrtgp1jwNZmEJSB1rFnU-_tLBnXx003yPbaykyVa5vdFsr7276epcLt-IFQToWupcvHIjrScPxS4pMYbi40tVDrbc2IeqsXLgYXhbGweWcVE3O7YN6T_e2xkM1xjC-MVZUjyGUE-xoCrZNpkzpTxPCzLgvNjqagJVGFgZ66ffoayljHxsDQOIkKrMQdb3bpBaTcvt-5hNH8jWX-6MwS8VGb0VPTJY_dEWRXTJEYfhzWS9foVSKQDkTAPrXUpNRpBmLRN-ki9vDX9dcKBWDNBkdtFcECNYcs2ZxwTpci2GJczd7xL3rcV0h5pV952yxmS0YBv-J6-1327cpj_eFyEvu-ae03YvrHx8Pvf0lfVRDpsDmw0eA&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=5956452578747817000&adk=1877897943&idt=203&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e8c7fe78ccf2c2d3766c50c68da1c53f17462ecad1d0d29477707413d6730f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 227B 37 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4777 41 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYix93JBNNDcdxZaoLzyvyhWNYadqk0RCPQVxHgUpT0pRl1y4YU28gGE-Ipp576SAfWr5muGfUZnrWBZ827pFhdIB05utww2EhDJeG84vHvvg8GtepmRHo9otcvUVCbfSPfwvGWZzUwr8iReNGHhl157zgGOvJW5WzqhulfaLxaLoY8F0&cry=1&dbm_d=AKAmf-C9Gv7Chzj6dGF9yR6INO56MlxBmQBnwWWdarKdTp2rZ3CHYzh4x8m15ccQY51Skqgqac-ZkfXi9yb_wlhrrc2EOk0V_9UecFO1Kaw14OVdMU9akX-SbQGTyjqNhTBxxIvgFO_TlYM0IgK3u0YN0g8cN2MGw8yGoyOs11vNfLiqrAEngQXIs3FR3-P9OUp2zYJEoCR8KFlJ9XF58LiTzAUcf9ajNWSqZXjsj5XCYiClmXcaey3Iya7Zf-hUiPkGk8wMoIJ-TBqAzA8BVXBpwonhhUSlg7kt7Qhj2fTbiIupHKlRc1suK3cWtK37jrJARJP0-Yd-Mt6lpANy7tgpFO-8nZ_YVqgHVVxcz3GGQW_pJg_XIadOa43DB5LEv1O5xy40G3PvjXJn1D4p_DpK_oDvrO5r7xCMjsKtLmOVK1fzktIkQVT7GKEicqvhXrQa4Vs5JKnZMxKHCOOBbwWra5zi2HN-d8V-Qzpp6Imuahswj9dQfMvmtRat6E42aDbytvw-Z8POX-kWWv5ws70hgfggwyvvNabHjbzxXksRL0uawvmCMm3yXuiOZe5EBsawF_zgQ21rMk0paRihTy148E2buVZs577F13BKwC7hCnbrLwXLYPmz_8vW60_Q0hZJzgMwVBGOM1dyGIH5r6fNtYIXwPC4VQMwhpFNFQs0VvsfiFlN1L0homz2GrFd0eUIHbDTi5poLxb0X2nn-m0_9oDFm71EQq78CIbvwzABwnxbc_mA7u6l5YHDX9bVn_GrZvF2hxDX_cx5vrajNabptTkuGJWZLPEh_OD4JUGmnVGeqenTXmYpx-wtedos-NfNqXfsu56ZiGFUHaton3akKndyoI6xA0t1Leoxrw132MNmfZfvjlqa3tTtEk5n1Dk76mSI7cXIPjYdwcWSWzqVhAuVSJNc6O1HxpXhnkYpVUyeY9SlFhuHPMAN_v6FiAITHdhffVZEOPmV1dn9RV5ibHI8H92HHZlgXoPTS4TEFrjdc8NoVeUZhK23WCLgFV1VqjKU3z97iHCgeeizmfJMblM3lBN0Q7JxuJuG-vzNVqWZFdoG14s1V9qnUamntzwTJnPS23G3pQpKU-EgeEAld-2rZLgkDzlDkbg0_E4TEmfiR-EuECWVq2EPNh8F-d6BVWrhgcRbPlcJPzEg_isw1xIluKgeB5KgPXCMOk2z3vwHzRvEVZU5r4BFOZw0qE7CoyBkcZnZCZq-537FrS_9lC-2bHcbX12pSbB3wMMy_4VwtCNUZdtvys6-IU8GhQVJqIRJlNv-MCpX_XRzsXwVKoT5JRJucOQV7HcxXGatfcrw30ypJkloWqIfNUR_-xtl1N6WyJsVUKVqi7nSJpwXSUyaX6J-Y1bXj_fctu9U7QTnO_NDiuZNUerS6DyCefRl84ZZZm2oHWhY3uBBffptN1WRWT0eZ8Rz-by4CLumFHaCSF9mDv472xtHehhJUp3qKbaGf1yGc7-iI166Lat-9_7-dujwVPaC0-F5Z5zcaQljw3gSFp7H2MJybVG_r1J72bIkvxOKv-lUYIU2kYP1YOxkXsFlbzpA7p-zF7ezgKoZtcv3Ul7cSOMnunlpHtDoFXDvfMjiYG3uWV2T0lQoAIsa3wL0UOOfMx_HVvC7NXpi3_TlepSxfZWR_kddGzw3SghfQQr3K23YkpWuCgX7BrT_l1dpIumIxMX5189myb7Ipvt4IiZjoenug9Tkj09vP2FO6-QqcSdoyGHdogeAJxu8w9hIKBdwMa2vSCp6aAZMujuNuM0oTp_-xEcvyNS7C1s4sDR0VrqrwZ6ZaCbk-S2nwaNwQpBV3EJe-iQ6VcadIrgGSdIm98lxisPAXNvIAjH5YssRcQSoAdt3lFwRwz88YRUg9KhYic11x05rHLudydjqOh4MogSkorgl2pfr_Re4UtH5R66G3E6oMekxza0rpas1yD7WYE-Va_ZsKZ8mV9vcJXOlGRM2WIEh3NvQpe1TVSOtrWYv8oT8DE2k2oCuGo3R_0qAndEQoZHWSrWQDnlzw8rVyeViepSouTKzokJXRJ8ikmWn-VzjRT9V3sahwdF0mXSU1Dsz9uFaCP_Q9oEr5kyUoHiFPgcW-mCXkfbKMo3jDI-076sR6m3eHmuW6kjkhvd8UxBLK-P2cVrfiZF_jEALu7lLI_rklnZWBksXTwQnI31cjgZbiVs17gc0Sf6k4LA4McKHNX1mLPMaGJRQfGNLCivmGFYABu15pKvvguqwtcpln7mSB0MryEe7yV9nqe8VUrmhnvNDcLxRxy_rEpzJNoJUlfCjA7cjgFIy-tDwlOu2G78qtDqVweU8pWQ9klS4zGYGUrH1ZyyP-SnrQTElr3R6YyvFL8GlUog0Wv17CzXY13n-WX-oWfRAUDSJv57T_V2AujcaXSe8nBv3XENNSVqPZEeLTZqUiPVb7dHscnQ7gnRr71l7KRU_7JTban16jCAhX0Ja4cJ7O7juK-AVpWTMmNPS4uL1HhstaiX_uOJzGt8hjEw99K43evk1nun9tsLrix0foySNKM2dPBFWbNPf4Ca6Bu9hQeKnTUS5NtyNbtzq_WGJNV8zMIViu6Y5agXQIwNR5OeABwOBylwqlma10vwN6pFCLvcuEQVG0Wb0R3a7czZ40nd1fN0K4xoQNtMIPJkF4Yd8HtmvhM_GdLDScPzLaC66EvZpFOzFyCKioBSxI0v0dpCsnKEELq76lvwwPOAEMwjjc2oL1Bfwt_rkQ7MDBinToaiEjryj-LSpIcURqpwwciHDxytnxn1IE_gqLwEYhxD0OQ4EHiIRkhhjAPAw4uXjRWGSMQ5Akv0R7sYAG5tO-6mcBJrFuoIyHoDez1BJVvuqpZaWKqe2TTcP44JrSPN7DN8IBtn_gIgPl55YPdSvTyLe6TF_mvgLOuI-LazjB5jRLzpXINp2YIsZbAUfYAMl_LbLDiAmLXD2tX3uVeLwtQLxzGelL9-aHusHSl2RJCymA7HGagmpkh4NvvcAy5yH2wyDJZxRbwQyZB266PfG1NpGOKJD42Y-FJjFTke-ttP8B3YPbPJPCWGUQBRUMu-bOiHjXMV5My9d395YD1afKqGwP1ngOkDe-C6wDLwwarieDvNXwauuStGO-tEjydmPy4WMK_aVXT3x8Y5O0R0BntQYdRQejcONlW4Ne-bkcsdqKzWSwSCYN4lFMcOIQw4BJ8rudYjdFXonRG6znOeOctJYN7rA_meRLuPblY1HvJk95V_1rMa1Qkk9WnMx1GYjEp5jSsBbzha9HxKIGMqNdWS69E2NkrJ9jTpHFEAbB0mLLhEiycgKu2_7Go3JH3tBSfqDtw6JSe377-RhbiGZNqzDIbbuim4uCCSj0zMttpfMWdOwRZI6UYz7bNuc6rLM0mShbWAw2_vjLNPEJO_peAVdnxiro1FnNylgxPvq2IOsaaV7uBdY7jBlXAMCRqetrUkRrioXuq63GrVOKxpexCHeJL-iAwu_vzftvnHWaeNsNNYAmNLX79IulnCZt5eVOPaQtEIZVJksIpgqdu4a5G7eV8RaYrw0h8aF0V-pj6e9JiiRr9xSfEJK0yavh1-IarDbxR4nzGxmnJzHNBu5Xx8_JONKgQnZ8yy4U84lPKO92caQB5stoFaYrhPU79V8y0o6qpBEqCSHloh-FWDFPVdV3BpEzfNa0s4mN6Q1a8JQLlExG_v57_I3XsSgsnqcjC0AzhBENibP9FO9APJDO8z5NDoZqMmt53r-0MICpdUqbeX78gyjDDnqmFkfHd4-8iT5rP6vZzdaQBQPBFCzE47PgoNHgSQyyhWT_NTUyGZ_ZfSlX_jUvNIDX0mUnFofGdjTxAcC0Wa26Nuco76YFjdIEhFhwaC9zvpz5bK7S9-8V-Vd6UzlLFQVwH5iR5yg5ZYibQaTAyirajedMH7FWecOCE5hv5I7om9XqJq8NIVznP_pfVg&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=7742641909078650000&adk=521587874&idt=143&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 4777 36 KB
17 KB 182ms
69ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67645895;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CkidYqLEfZbicPLiYi9YPss2noA6-vPv_ctiuhpWdEpL-zbiGQBABIP6DuiVglcKmgrAHoAH646qkAsgBCakC5TzTeR-xsT6oAwHIA5sEqgSGAk_QBKXmMDpmKknXTH3Qq4hdrHmT3jDrJ_eTLmdl_rjxwBJ3oub0P6nXMAwc3cqm3p_PHuNx1es095WEPGIGqhYgTSZ8mcK53RK4UJ-A6DnddaL4EmgnL99K4b2d1q0EgTjIOLRbm3XwN_QeKNtTLt2AxJjSvO3sRuDh6D20Zm8f2-q8LLhJ8pg3W30WE9odjhCeoxdrxOKxHkJUApMqGb9mEDnlhK0wYVFXh2i4sGamDl2PF4-I-N_gkahoh5spxLfcYINoifpSkmnzm4vmQtkb5smC6bniEDGa6l9D3yQbG-QwW_4YtAPMP8AcRT-9z6JynPf8xIE9Lw9F3ayMItAY_l5E9IbABLaF1MDGBOAEA4gFnpehmkyQBgGgBk2AB-6b1dsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERcgNAbAThZ6EFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&gclid=EAIaIQobChMIuJCD5e3ggQMVOMzCBB2y5gnkEAEYASAAEgKJhfD_BwE&num=1&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&sig=AOD64_3_NvtR58h90_yoSzY_XBhWtPTqVg&client=ca-pub-6113467694901384&dbm_c=AKAmf-DxdEdXlnI7md7LdJ4yXkR2L57bh4za7rcUdXtJh6YFkXXSs1ZCeiT177NHRx-HyK25siIeo3WMI107yISvCYXtIoxlxBT9vwzGoFPmHtZ3D7na9iXt260qHu2aKYhwmLUFU3VI8Um3e8JA7WZEXbpqLNZMaX6BziPKcEs0rW9ba1V8-g0&cry=1&dbm_d=AKAmf-C3M72GAd7DxAGhbG2dFPSvRKKFRWWmQroRwjHDOisCXRf_hGcsb2JAIndXF1Kxkv3rf0eqrvqQ-4_voSVsdLxf1Kmmu7NWf2NneaduKGwp5VNqfXwHMTKyTf6mLiMGzYziH_4Lu9RO9o6Mz81bDhBIzcBEvR2bvn25-bO2HvrRHxtjQtf1m2T2yOUbgkcLrOE0225DIkhT6yojeIAR0yrqP1LT_H0y5l7vwgtdWiozgzGVQ4tIZ21Iu5F7tmkZ1rX1usX7iRM7Cc7y83iUu13zzYUGeRXBWV1FGMPq4C_TVNImE-t7SyHDIUTRly23DOe8YFXKVG3pkFONxSfLKOKyrMMpneZiIfhL1x_cVCpYZhdo7pcMqpX1mSGkiZoaZxhUwO08Bm1cc0RRfnQ5E8kE-hNkf4OiSioe3HipUpKDSiulVKofVK2BHJqHacwiCM3HwvzRUcjT7VmBxPxDnME3LESOaUb8eWze4SRd9Vbylws7QNmQ7eEg1oyP6by1r-Kt3ReriS7DSysVdfVuslaaiZofruJJQia9fp41NV1sphyn4Ol01TXENUoBAQS_LgR2WZVu&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8945 41 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV20591eIIq4FNZ72r6AK87MoqpvkrZHN_iMNmDOSCNYst0kV_K5p5SNHsCvkC0Ep2VNxZrPF9Ajy5LdSgNnaw2jfoICS6D1PUs-fbefEnVaqnNDSJHLIVw5j5A6JjC3pe9IDfeVQbs41HJK7brKAHkx0PtQzwdvOx5mAZOb1Ttlyqf3I&cry=1&dbm_d=AKAmf-BSR9U-SqA445A1NCza-iF6JQekpA_kkZWj2bVjhIkZeENiQ9E0vQaCI-amAULFDmPKYOloPsTm891LFxAkYsJPYAeX59BtuHj9AYQrEGIhG6YJpZ0Cm52jyXe_cH8m_BDR1xKbMXE1zW_w26ab57qE_eOW7UlW8vRZLQPOmvcuViwF54JClF9Qdizw6blsRwHgUg7iZAvr7_j20OtLuref5f4-9VAatpd9audba7l2X76jY-jtVqMNLztS8z8GWf-kKEl_fEjABfA9qH7O5Ei4HyoDs_g05786q_2e9qb7Oob4N1QKOli7YSfOoZDV9Lw236YlVGP7G3NLd6gnnglf7E-DCR6F-08IinO4gLDem64y_lsexvgjw5h1uuGDsw_MXY625MJfcNBs0eXyGyanRm7o0RA7SkD7QEOHYWuK4SdUuBKM7ZK4Srv_G0QO02ftDFSFJjuuP1hn3LZ4W01MJlLPgH0VgyaNTFRu2m3XenfkV2iOf41QHmMuQOrkXGxsXSQZ7X7XnSWaPt84HojMNFFYJcyJHLjj_HJKteeDaFJmKbdz6IaQ326c_W1JiwsUJtH0_5B2bdEjEDoSja1bvN9F-SmX59pCWXpZujENK4utnTsjntehZ0zOaLbVDbKkuQRuDNqYI7-5-dMGcls3pDs20KE11IMZWM1UfpyOuH0N5KiBRtjWgOvDWQJr5agwkg5PpKI6SBOmvy-3yQbrMA0ejGl1aZhF1uYeiIfYGBueF03l_lo1mY2hAbpBQDTGbTwHagl1zASeIC2bFMxczaLb18GckCUAqxh7wvzUp7fUBHgEbtKqY3jt8uyEMnf4fEFfQ0YleyXjt_8ogsGDh99HuvRos293cefi1ZHhTinL5LRfitaYd_dlUHZM-K-DzQWog4hPPuk0E0tjpSzeDRyk2zLwCgnELHvpAQuAMHISql4RB2tSeu7hHWyG3qN4jxiRWXMFg9uHWhcgjZAaHhjdwIjVJzFMyYxKxTINIjxl8O5TeKbKVEjW6EgtlDSp-LyLKyhfhYiK7h4FAPHp_O_Tpn_ORvnlSJDgC5WFnO8t0uyAAm-sGp9mIqj1UoJsV9XkUaRALKqk4gHXykKZlz49BxHxoGpt0dvnojXtB1pFgKF27RWs35H9dvf7qK9Mm871rDgAgRaJ63d8QdHvKsDvukI471HfefSwGhdeBUeBe6FzkpayMe6huFxOLJa5JGMNCOFjLPdvyARr72sC_UNJB7dYL17DpgcqCCrRlvXpc4knCR_GjdpkHhHBClwnyKSn1HCdQLoBnH9f7xOfSO_zWWmGcSEkpHkt0qFgoDwipXZVm-nqktEuiQ8YT7Q2HTE3h9FNJYHS_cbgxmfaEGo8U7CIPYUqSlAUXmz3-MuqVaO2ozeOEUxul_ZgjPFou2daU-NA5d0eAxBhLYpgGbFkUPWGEgoRK-Qh2IkXxxZVygz6GZlQDNdM_lRNDNgNvAlFTMRSmejzQTjN4cgU3AAMMthHf4gYK1WMCLcN9ZttpK09VZWeP601WoOWDi9Z6SwxeRjU1juInQ6lq7wpnKKCV3rzTKIb9itr7eUZXGF6uNO871rvZa6nY7H3_kLJkDRgG4Gatx9-CFdKoOcgpWPC5FNqd3lIZ0zcWnflGyyXxgmIaC39eh4LAkvtaaqjhw6c22A7xSEWlAA-YMBE8Qh0OMX6qguK3fBsqUp0UfqjjeKFMpSGyKGkyHPL8OdVrR7l-W_QaRDPuDyTGHGVzyITIAZ9HypkotA5s1xMyLrDoMkSvL2mdG0Dqryb3Opd_ooZd9u5P5CL5NKWm8f30esql3MTFS1wes-UVKMNM3vFgbjxI0eGbRoHt5CviwCA6CXW-B5gQpYne70XBoJ-WMbk3ZZdATtj5JB4NCTVehs1UNuZlVSgAIfsLwTtXMY3sXmAafXdM0rjY5e5kwEoE2oRpAJBmfuCGClWi2jEMEZgc3EJi2AP0IYuACTK4IEquXRcI8wECScbtTdu46WJylQUnaM_T--8sEBouFxAaZvwb3VQppa8nt5HMEtyl06mcIxT5FRDnq-pmRRGF9PegxKYgErF8A9p65B4AYbX4EkpAQps7ooQdGDb4N6PUgEwm1zrfiF6qBHrbTmtw-raibzf1uVe1GvzW3yCItky6Dgx1Of1b1IMEGivaGZBeYdxZcIvjk8FDvTAjHOMbeuDLqmYaLxNg9JNjpqyM3PcVnOc5EWWmTa1yTGTHIgsESg3BFRDE1yzq6YMfgCRBY5hlIjAjir6iZoyCpj3Y-682MeG4-GnlWzzg-1yE5cAs4mTh_g8LGthnpvXM8bztJHNRhicwuazPQ8ndlhXdHiuCvr3Cyfu6oLfto17RaUakyU_iofUyIgY5D_NG-DA-Endw3kTQjNZTCQYALGA0daE7LY3qQNOLjXP8dBpvZzB5YjTsiyJYp0gK4qUry8-U0QtsD7chUH9hVUu-RytlpJw-hxiARSFHR9lRH3Njq93BFebvwO4TwFO5t4fepKQRKhRhGYd91SfV4nglKV3te11EPSrQ46LCg_-HGnIlgfJaOUR2LFOSWC6pzo0376gMAAOVnhDMHmBW4R505v9GsW27GM46qIj-48AKOyXXaiyw6xNnWFXmhTqm5-SNU2Wg_91TOvYCQ8bJgl6j2FOnKw3UDJdqI0SjYcrVZfxUI078Upr-xV-VukZKcCDty0NGJLhRxgU27d--KHrXENPJspr1cZj22MDbgmp3c6aX0nSXzFPa_0FL4cHDMsmOJufhQh9KOSl7o2NUYNDJD8iLs1dQ1k1xNpasQ7JOPehg0GsM_BJHaxv8FJfxQjKUw3AXsc4N4OhsGfPY9B0oB2jdPV9FSZbFkHGMNHQbnl-HtUwD6CxQYXkzzPjXwbJU3HLU6RlaTiDtawnn4cuO8Ur0gdy6VpXLSCaFhqheSfl2-Pl1UqrZVGvlSK0U164ZvUFLq3PrSf4Ds12lCDM3cHHHoj2qf4rkK4UGsXckkF0A3c-Sr1Y07Hjczs9gwKN6nYOqCOUbrLhvpjhEe8LMh48naw1kPygtKxBrV9n1Ml1zQ6zBk9CHVl_Zn67sPzQHAZbDFF3I80H9WMrAqxe8mmPxX-4XDmNj4G126wjm3Y_ILjxUTyTeNJUcW7DWMljmwjPKxDZZ2LwRg&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=10163009356579801000&adk=929882891&idt=181&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 525B 41 KB
13 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADvzrl9JaW4-pSVSjmiqiGoxOvocBh_1wRVngvnVrGW_T4VeF6oTR2IXC0ZAyJxozd6HMYJBczzxAjHmKXM3Mx6NS82fP5WXushWfeF8TCkccsLkxxZrWzgAUKbx24deWNK8lKMNlGw3BtqmhaA0TqwvC9qIIitEPAcspRII3heuYvb7k&cry=1&dbm_d=AKAmf-CJWBR46kFUV4asS4nizSeB0MdlrtbkyVEOa6HzhLPreAwz2rBZNXtHn1xQOLdTGWCuS73tA8xHwzfSGu3cL3DFUyOdgFgq1DVdEM9fyMwrE7oYjvnRkDh2fWbD2V0HZJX8LuuX7R9LpxiFNhSl58U4_LbMu4QSdKRz4nOhu-wVc14Gn94SJubO7ieozx_Euye1INX4Ma0IOwv1bMB2QasJTknpmweenax0u0Jq72XMgkFCz0G85WgjMRkz9yh9HQaBpEl3J6DH3h5lI-JUsfW3ODqWiJIi0m5BadbmLIkHs8QmL4ODmKSLu2WJUJ9HaLzm2PRVCiRH2YxPHFWsfnV1lQ2e3e4tytECO7v4leBeaWIK3Thg6XhsfK8R1CTnI4EL687yVFb5gvxPgitzIkaYEgBgJ4gynlfixyL-aLSpcN9_LuRB_Zhbxtr_G-ieHvsliMhr7AGb2i9Z0nJ4bHhsmAlQSD-W51K1BLYf1sImMCfNyJcHvrqFzsWM4mVC325grkO0VP0ftoY2kEdmJDN3iLZM5HF0GHXnhET0nP6yaBnGXSJWAm81kOTDo278J_Eap-XYDCaBZv8qNklxGb8RTrqWBsvRFzD3eUJhu6A2cp6cZGoNX64FjsZJ2ylSOZ-DqwEbfbofg9XEZDMc2ZNeU95TvtwtU2OiMcsyUjNEToNClfDmR1sRvRPNNA3851-8FRCaoqe3qLYzlE3q3JciJrY3UCjWj3AirFd6IOXw2yB3RbvrwibwkDfiPFXdjxv0b58A62LyTBqFzw6bMNSGY0BZ9V02q0DUYZkCme5fMG3AEyAnZwdn6eTGvBmqNo3XVP2E5ris2BbsetsZViRIo-UjzAFy27LOD8-ha4pmUBDyJoEVe465ngCGYkMh0Kx-uvivW9_ZkK2bRKTT_WeNxi4chK6dHsOkcsQRx3ib_vBuqctRmzqW19z9eenGuN-QQ1m7cIxx8eet4r9t_WdEvOf60EjJqxIhhAk9mI4BcqrYvJqtIErN6wCQPmfONetP2pzBz7VRRlVLiIpbw8W_b1JjCICWGb2lBUWksROtcMWx6KC_ypFVqYMfygfHJ9KG3TIJZkIYkLyYnHO906GrAAofRQkRHTt9V_KIgDuoog3M5krNkXn3jaJiaQtiPcEdUWwB6vayqOUgymgmX1Hbj0StcKYXKHAY4-1TKAwEW7VN8HQrYyUFBy8eKzVUnzHVv15AIH-tffCgWSP4Q_g_GRqLwlvg8Fao2xOFMztZB7VQx5fJkIYgNyv-Kzq7lnHTfB1688_G4shsGzG2NvtcxJdhbo3EZNFYu8T_p9R1p0fP4UH_dmTGQthCyRxavHeZ4epBM2MyOwb18wbXJ6lk_zCnrx3di9mpg4_ZGnGWrU_iqI6EzFPbksA-hO6CD8fSgY8lTBUXSDUTRulcPUuUhimaM_cdH4fasXcD2jSWfaJ8NFPPGePTIXk-HfdfsjdZL5x8cfl97zKr3uZtBoq3FGeV2IgcIj2sJ6fI9Use_MonNXua_prlDd8qPaHjsmcS6ggshk5jvdzQ1gbbEpe2lesCe224V7rCJjpAYN9yLwW4WMfCoPgZ9nb1oCXIanjfKkYqd_A7dL_TOsIhEWDm_uUOqJ5BTSMThq-D66GmkM7T2bLWZLwdh0YJpgn1fwoCkur_HmKhPCzyGUYLH0424YpnzHN4IaB2_F4bx_udv897F6DwL6uKOWBuYN-Eq9IHZtMt_HLhSgHpzzV-weebXqpYT8c0OAVigEXQLlz0Jx3pqun2LbCO9eFZ1GvwoJ7XLyPM6xQPqJt2jZ8z0VDVTe7fHWZqR4l9mN3EqIeblkyY3V_rQ5Ic3LU_K_4PEQfr4OZSDpgSmJbmhOUWb-rH3rXaqBeeouVGeMG48jbx4hbQHiBGtjDEEN7YnKlrM8qlHconlCfo_9NdUGEgIXv0QYU9Y8L-vsk6lvr1w93bx0QSb6eCgYCmepJ2YtL6vOpy89OYLkPt4_DmW-J_qkDbZfdGmymLMaBA27YhOnm4JJPsazt59RkX8yuCzDWYHwFSupr64VFd09HKmHQNdXkD8s5FtFjYRcNoVJ8ngmovD6BjOhCkXyTvS41Zc4uC6Oprmb4sN6KGzwzN_NSkHK3Bwy515goPZIxwRvPADJ9uzLbyGiqABJRZSDFBTpyMyrc4C-hxFRT2mK9-95-3JUHRq3rMmQ3tN7sKkcdHMgXsBVqiwRcr2S2FAYLAf95Dbx8R9HsH0gQlO0F1BfXKWnNDygymueW98kaN7X5gjYgqHRPgl0R_SvDPdjsSbamXWrN9TUKyvJyPtH-ZbNpLkxEL_VrmjL-unv0UrXs7wLBk0xsgXOh2aF0tpUFxlMaBAEZKGZvsDntLLSwsvb0o6bay57QqrOjajIdq5pdeO-Z59KPL4odLsgoLKjPvNDtQZtFrO07Zi09DGdLhdGFKRZ-AkVC8Ua52VsNu6mbp7SmoYad7XKC6PJIxUMaIRSel_6If7QUjfF1090XcoSqtpYqB1JRB4oWrscINuCHIVZXVx87sLyapwID_LuPQ-BkBns3a3-_IUH8VCfsyZssjh6n-L_2fQFwdVmYiP7eOUqA7Uj9Fh7Pyw1z2CdoYip_ngPf0l-qnlNywAgnYAJxHcozlhJLxcLGEcQ7UbcYf0t0psVic28rtb-feA6pUvwPD2T6eBT7YD4NWCQO22UW5xHOYs-xQe6irsezqhGe2xWy2nMvuKhwxkaExZC1VmWRxK_p-Wkv-ICz4Wgfet-SUxx0KNFmRuStJCMZLz3XWB1_xFDZbClpt3jJO5q8o4QkkI-fejKqGKt1ubfycn8o7KtHSXbXCaNiXekhFkLQoupCVjG0BrpRrsVAbb1VE5T-YvURMIbXoertBYyUf-yPlE_o_JOb6vV-5Q5B3lnidrw1NUrkwKgZ0qXAuRnZlrBwLBO57i9KRvvlbpAONlCVQuQI15i2uAQSgnpwgqHJ75ECvWwvotO5FFoqQKR6EKtnrnRAf3LFQ8JR7ZjXOi2PeUnwMKT4Zi5JtqWO0z6nadQwuavD4OToBZwlltqPlXACtHezk2JyppG_JlL8becP0XSXncOZqnTVG3cHR4VNTdOCzqin8aAm87_c05_mj_21mbGidJAuq2kpRnQ0gcWFkdsxZjcK4UuuZLEWExcO9jfQGKQEEM-XLrDlnCzP07myMp2rCUPksCcMbsVapDT_lTNGSsVCz8oN-yOZVKvPMBJqn5CMATWr2YwOv_dgQhQb0X5mxMXj8CssFpEznC13gKqnQaIg7jEhu0eUg02iJY6KkoLkjg-6ZAnLASNJQWLh1s7qy7wAQUeiqO6EAg9yrQt_o7MEQcBS5BH8zO2w-u4CVYP1s3ij7tNpDKxW-5LORsgcfBbTYcI5we8xD1dxedU33dCPn2KsLwPhE4G4Zy8GOacJ27Q1Gd9UoGME2I3fCHnM8Gd1Ovm3jps2oTi87R_1Qy9SE0Nyv8Y67vSdf3RKhThfZFA_VIf7adgPMMZ6CbPQG-w0FZcKo7QzsTP1huF2oCf9LWek46EExrutlRxS9cE1WflWhe4cf0semq3m_sCrtgp1jwNZmEJSB1rFnU-_tLBnXx003yPbaykyVa5vdFsr7276epcLt-IFQToWupcvHIjrScPxS4pMYbi40tVDrbc2IeqsXLgYXhbGweWcVE3O7YN6T_e2xkM1xjC-MVZUjyGUE-xoCrZNpkzpTxPCzLgvNjqagJVGFgZ66ffoayljHxsDQOIkKrMQdb3bpBaTcvt-5hNH8jWX-6MwS8VGb0VPTJY_dEWRXTJEYfhzWS9foVSKQDkTAPrXUpNRpBmLRN-ki9vDX9dcKBWDNBkdtFcECNYcs2ZxwTpci2GJczd7xL3rcV0h5pV952yxmS0YBv-J6-1327cpj_eFyEvu-ae03YvrHx8Pvf0lfVRDpsDmw0eA&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=5956452578747817000&adk=1877897943&idt=203&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 525B 36 KB
17 KB 166ms
122ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67645895;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjK_OqLEfZbmcPLiYi9YPss2noA6-vPv_ctiuhpWdEpL-zbiGQBABIP6DuiVglcKmgrAHoAH646qkAsgBCakC5TzTeR-xsT6oAwHIA5sEqgSGAk_QOXExzOfxWGVtvrjNk9lwX8eCjGSsBtb95oDnNzP7X4WcK6RwJ0-LplW7Woy-hiYAZSWr_yIfHiAjvv8MQjPjqcFU1YU6jkeorlEezhsOJdGnfSQ2VDBaGB632XrfM1K1wT5LUn3lGpRumyB_M8QXe9uk7oH5PO2pVx15ydWn-mwlyNdX93TQW8eK-viP1WgXf_iiXPfZdC9hpahj9GzDAv1H-lJ6ipO0gJiHVCr7cWqOtHrgynspP7u8nI60bfk8mWoCzbSoRzQNzN7elvkodEVUHN_UlKe5tK5oUmDgr9E_uREiTpEQJFSl-CQFxKm--X16AVIIh94Vx4w_f7K4HyRuYgDABLaF1MDGBOAEA4gFnpehmkyQBgGgBk2AB-6b1dsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERcgNAbAThZ6EFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&gclid=EAIaIQobChMIuZCD5e3ggQMVOMzCBB2y5gnkEAEYASAAEgL7NfD_BwE&num=1&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&sig=AOD64_3ELwF8vUzY1txtczpF_0W0YssHew&client=ca-pub-6113467694901384&dbm_c=AKAmf-Akgx1k8Eo1cYxAJTnbduYBphMlU-wyogKluEw5NX5iPyiQANzii0PxY2TmTxXqnFNKRwKurZTc1PvgRkRPb5mmkLRFrTi6fXIi7v8b-A6WxwfyUgWhv34-OTGDAOxWs6ez_aHJgtMexImcJR8KwTvV1u4e2j5o2waHv_VzLgU_JUZGcZ4&cry=1&dbm_d=AKAmf-AuTaKDucOAwR49GyXporZLYTEOr-eGtxL7LaNEMhDcACmcK0Qc37kgumSywjvvltKnQQ7YxXYv6PYssTNG_jICHeWeUIusjedoJhv4zTKQqJcXeSDj8FdvqFMrZAZV0wFRtK8LRP5OZn0UOy2L1vaGRl3ZH8FzmsAP_sAAGpYAMFPw7D6diW7sN6B_GRbKAz5-zI-vDbgHm3Ns96GTUlnUvqCYLorFNX9235Wqk8fc5QuYN8G9VwlZ13PNlyNCZ8ZD9megadcsFd1mFHGWr_blK8kO2hvwjgmBCIgC42Sh9ZPULr5jbqybpgJjHVTWbPmZp_9MlRwa6mkxfs90i3zqkOJFYpQrpgtsW-8G-MZiwZiH2mQ5RTNMkzXiN8gmxu7_2p3nDk7onwA82hbL0IMnbBcJZbvxLYAq0AnaynxboDaFbC0JN6i3Ctrbyneej9QEUo5ADUolaBIKkkX12W7SrOoYdgygha7cvrtMO_Mh9qf6RwDQ7-KdJ-rUF8vg4soC2lxOf-F3aWJ9fY1PomNJzKjP0ZxTQQD-h5ASEY8kMmxhaexmcZb0n00Eo64lMTZkSwI1&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE5 42 B
63 B 80ms
80ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DD1h4iE6DpmCJknaXeeq_nvo9ZExu-td3cB4wu70t3iLZpM7svzmouHidYvfDKjwy54hce4RPus-3f5QtYbjK3mfXIpkn3CZm0krtd9ro7Bdg_TM0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE5 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1470300312021244209&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9CE5 89 KB
31 KB 159ms
157ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1135760/69474498/xbbe/creative/ Frame 9CE5 257 KB
78 KB 66ms
65ms Script
application/javascript 63.32.14.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1135760/69474498/xbbe/creative/adj?p=APEucNWkSb9LFsydZyzqmdFr8WWj2bz7lZI1qfFuOiHR59jP-HS5H2I&d=CokBAKAmf-AFOmkzfOu59gR0jiE9IxJ_G8oGbOLLQTbajPBxIHky2k9Ma4qcA3esTpC7Gau8xJXqbYmtdaigZW5JRIiv68EAFXxFlDjBOTpgtDA2YFEbU0J2eL2ZZ55UoKVxAJRAN9MQadevwFWDFX3zFsteFKla2qFtTOIp4sFzaPHpXtSieu0aPvcS2RUAoCZ_4PnzkanqGCvqtOncBLVDoQMtA8iDJY_uAbz4FzOxYbk-DU9iA-Ex24KQwUFAGoWoYaAXqd83fCumg44IXobzPdKT4TVLBV83Mu4iQr9lXkxeJWH8ZUQNG_aPNm2aLqEwNlOBmjgyY7VjM8Kk7TFC16ocKLLqTrnA3t7BOgIzq0U7d-Iq4BU5eJe4ayrmblQus_IJgID25zZ5jA8dtfVUx7fQYaLOzMxwRB0YaqHcsMpWelN-Po55Oy9a6L72xAfdnm83oi0rDx8J9lQLhnWsi2sE8-afcxLsUM3rshrkzwycXzYiTP1rqTVNDah8Rh0zRT73VOvwyi_rSRHVKW5K2Y5JUQin5HTfHTEtaLRcgoRp3RI4yVhDqgs1DmX6XHFnhvdZAT1AVzrsXh2XGHQeZavMuW5VsDLz3YBu-NWNkOIDvhV1qTMKWdDqWrK6gQmYgeBikS9J0VZvhv9y4r2c8c2iR5L4loHETwCdZgMpib62pT7Kxu5y82buY08oEBnFpT2WpD1VuQy8LoWMImCWbu4PjvO8Lbir7Ci57LtdnL0aRhktkKUD-AFM4sBzX9qBsI1fyUt1ibgn8fR5c7XmZ9wpuV_4kvYy7qR1zGyA8mb-wHNBbxnzMsIEDjwNXOmI4wjvVjer0AHsWE7HqE3CU3dsP9a62f9BMUh4g8pKO1dyLbGrgxSbKp9OUsDR3SFoz71vTEg2qFXqkZwzkYxXoEPqPtaHylF2KbVsXdl625c9KNkdjMYOgngv0K9BXup_FPr9sJeq5RU9d2qBmqv8LxO1BOCN6O23owLN6_gCw7qdjfWdyHKVEBeUGnoRU8s_l-ZiPTTUqgrcWyQLRPKWJuqZ17ii7hQyrY-UAZ1dABLdTkqW7hpp3kMuX8HmtOzMvpfLebwOvw-BwPg_7QjgtNfQXoakQTmSCYBnWtiAQy7oJOYZnOGjWxDnpJc_NjJ5IeByIPiLUdKgS-k3Ww6mA6EKkNNqFA0am5PYptNQlPaJyNYb31i4qvx1LtpFWaFXjQt5rGkO3hVfURwfq7RGSxijdSTDQ49qARJSEhIdfPxlmpXPhYuHuK6z_K8HJ6EbT5G-OBQ-50yTmW2a4Ohcpv0yHuME5ergftOTlsOCHy5FpF6T186WqRXX16txN2ctPESVNUCR2knCQtkR_Ik9Ho8cFLxuEhmLABOx5IxDId53iTjYAcROwyhmIaW44ZpbeyM5OpwVSveQXowMlnFDcGcyBBLsZHti7frooZKpXJ6RNQaRLiRKgSKXt3AHiK7EnEzz4QuQm4FcVGLS7I3T-rG7JmBYRc_0OeAZfwEVv7_9EqelO98IeUgucsoIgqaFwMvLrUwR5guFfXMfkLSZjbOAvTS8hjUHK_ckO0h0SNpBo7OmJ-YfjIBolgbUJaRB_tP5Ha_ywIU29awi3Sjq9n5jN1LEm-MTeXighFes7Nfa5HuKOSNDWZ_LLBedtvSEJ4aY-uhKdxG4Rrj4fPKal1Fv_GP7wowrAtIp2i4k4UZ1jnNsh96B7LDhw8eNNkPBwcM0ysXLd3QFwzrS18AjGhXHFAploxCxI9xDlKW5yl4wtR2j1ydZOQAjSclQgLlxEihF89kTDpc95uKYQHLitxmduefU2UWbFbnMxPMXj47LDHLgT4IAbkb-KCUf2aV8d04Oz_KGzebK_EpWx4eQ9JAZKYcl17IRNkZijClDZb8d2jo1533BEYoH6Z5XIuT3QnRnekla9ULweRd9ztvffD_8NRKS8DX8C9j4blYW01LTNWz4zSwbIQFt_zN8Cze_WxR2fHPrxJBN7RqPuta9P0Om-EOI4Na_SlWw_oHI9Q3g6FC638BN1NLDPurBjk-t5r3qPIDval3IyxHPCssWInsbAKnQH0eoH-ylwmB-eMjtqU4T5Lx0QamSkaSX7758-Un1gbFhf3PJ81CIE0BuvPvO1ReOLSSrWcR1kIsKqJo3OdV6V03jMcT_PjceB38QyoFxwoUpQz45XjHAV-DammUqJIOS4Za5Hh9OJNxFVPImR3k93Cfq_6K9deDixBAC6rUXd0QdA1mxbC40QyahxwrOWUiH-Nvlb6IRDron7nLVZaG1R0qul9h_QGI-zI8dpzW6jyN_0q8-OD1MZpo9DBR9FLSKbU4SYH-Wbe1WoAEHGl35WHSkA-9_nQHBUZIqF96PbMMPsQAYFkdjd3G_xskVPN_RVh3W9Hnhx7vXWxe1flbAI7sbhS-zqGVpsuVtXc_jLYhzOZodn_u8q357Z4CPlNbStlbJgLPjFXXSeYuWHYRRrXGB1A8s21NjtZZYNalAjTXy1vO3P_hhC4rDTAlskYVooNesWXKfSd2nCeNbMoEekogckiFPHoJ42gmDx6DI5NuakZzi4FSL-UKPwYdIufsyshqmG5kf6S8mST2hrytYb-s_UiJKHbV0-Rq7NYUAgxxQlWilIcnUth56wqh6q92sC3EsWjGc6Gy889oHBU11WVaHxIMPPsYWxejUQrhEDCBMa6rdlSy3WgwVD80EarZWpTYJAAyRFdV04feNotncnNsc2WALAbH4vez0-Rgb8WLGnkvhvwjKMSgKYIsxLRTUrAFn6VvKSRnsINeeM80M4orHPqprwF4VdVRLIUXbraEWV_z66EeV4n5ex7BPhaZHVSHmaYGGo5nOjunozd1Ygtkvne4rQBADgcZ0zKyTm8ouusziMjZ2oF2Q7kgmupghd9kwgaY-k_9W46W6tSZ5lk0cto6eeaNhuV6eYF20J0AGKuvzTg4gghVAUCbdlwwhK0QhlHABUWWh3F8hq-UwsEvz_srzw3OfNaO051vuaWLYIOu3ZlOl869lkYN1MZR00ouZGtgFCFRvEtPosX4LZSskgrm1CTnOY_hwPQQb9vj72roGEOe71vz1Ukz4thD7WFgV3CAL3pumyTDP9hRS7Hen59yH53OCJX1Jninl4ybO4kSmrdnSkT4ClvlBc6lZQnWTRsHSumUIyed5BGyHCL-J9zgL61UihnCcC40-vNHjdVTirZ0x2E1rSg2LXktJr7sfWZC9AXDDsw0OUjN61fyxFXBEst19PfBcT8hDivZad1xuR19RqnuhQgivoBwgOVG6L2GUAvta-AoKUCXvFFNR61-fv4aTG4er83iWXAnXzm9PsyxS2JXRWY0javPTiBPG42G-2554a2gGgxZm3weL4WTc1YAGqvx8kfn_XbiHbl1qGKgDgvMIypQtj6Fc3IXmaBdIRheLa3yrd33iloKjklo8e-ZU2-A7KGxd16Ev0yU_aJDaWxKVjeSHEW7jE7zu78GfF72mIxf_4BvkCQbEzrmHmxW3mxuQWuBX_tg7z7IV7mrMMjvdHbKNLC8gBr-t7gg7Og4eJIhrTNeyiCfmogpkiYcL6povumvEwJqgtq4I2ATPLutrNpo0qp2_gi0H2x5glRUE4oTjMxbk1p7Qcr_dKbDFKx4EbJHSPQOAGiAWpPNywq3AatJ0xPmKTjdxeOLdp9PkLqqkLCD0DCTLweM2ASj0SANxIUZYddG_2R5-ZJF7Nw5eQUTfNugHW5kG0PINl3KhEGxKdeVCql0YnbFbC-ISE0FSY4D5c8FW7vUYCEc2wwiD_WeHhKpfLprVKmh1HlN04Z2VZDsoQjE3SX0CbjP3wqJ33ckZPhVzs079u3ovjC-YUCYdQ5ZZOpE4kAYIldWgvlpPtVFgThpRCAQSSwDICaaNG1TQjeNWV1PVuai-kmwAx5dI5x_nSsf3fqzeV-N0ASzysDfziv9LbHaot2GmBX3V2v6BB3ZSrfywiVVaAc-Euv5gLJCkzBgBYAE&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-6113467694901384&ias_chanId=1&ias_placementId=20171342326&bidurl=https://alkoora.livehd72.live/m/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jEBIfMSLRRy848YrCB3DSM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.14.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-14-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 019dd03793f889ae3772fd1c365e8dd8917b0b0d9f96445ddaca1f0f141e663e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9CE5 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:18:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9CE5 20 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CE5 187 KB
59 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 07:05:14 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2575 22 KB
8 KB 43ms
42ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DAAA 640 B
265 B 80ms
79ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjLydzgATAB&v=APEucNWs9NKh7F1FvkAP2lhL1l7k-H4vfQHRALDR5lTgptSQLqj2wwFuil4BEcdKkX4ABAhbeYtwD3vlsFGk1ketqGqxPb8r6uUVYKCbSswSk7I0-wz_Xv-_hD3-7klgXJ9vjqgT0wL--D_JAEDBENUlQ23v1cqJUEywwcbHSjT-9P2jIKILen4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:14 GMT
expires: Fri, 06 Oct 2023 07:05:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame 8945
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-AIFOjgM7JnC1qvUbc5jQpXPQX2iEggOzwg-chhXPQezZZuUPdNupA...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
2 KB

75ms
41ms

Script
application/javascript

2600:9000:21f3:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:21f3:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
date: Mon, 02 Oct 2023 22:09:29 GMT
x-amz-cf-pop: FRA2-C2
age: 291346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: nsOVRX2w87vtNbivwuHCzyhcPqX6taz1je417ThW6eQkO2N1bFZ_tw==

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 971E 91 KB
23 KB 151ms
47ms Script
application/javascript 2600:9000:21f3:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 10316726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: vOdDr1uC1vRQEd4ioy6cz7qri2-9-fWzU6g8c-m2XIlJbShujFJx4A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8945 43 B
215 B 596ms
188ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c41cc067-3020-bb78-b8a4-34f7af810b01&tv=%7Bc:qfuh9q,pingTime:-3,time:62,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:62,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRT5DBk+11%7C12%7C131%7C141%7C151%7C1611%7C1711%7C1712%7C1811%7C191*.1474271-71242846%7C1911,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8945 43 B
215 B 590ms
188ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c41cc067-3020-bb78-b8a4-34f7af810b01&tv=%7Bc:qfuh9v,pingTime:-6,time:67,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRT5DBk+11%7C12%7C131%7C141%7C151%7C1611%7C1711%7C1712%7C1811%7C191*.1474271-71242846%7C1911,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&tpiLookup=ao:alkoora.livehd72.live*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8945 43 B
216 B 575ms
187ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c41cc067-3020-bb78-b8a4-34f7af810b01&tv=%7Bc:qfuh9M,pingTime:-2,time:84,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:374,beZ:375,mfA:377,cmA:378,inA:378,inZ:382,prA:382,prZ:396,si:401,poA:403,poZ:424,cmZ:424,mfZ:424,loA:440,loZ:443,ltA:457,ltZ:457%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRT5DBk+11%7C12%7C131%7C141%7C151%7C1611%7C1711%7C1712%7C1811%7C191*.1474271-71242846%7C1911,idMap:191*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:29,sinceFw:54,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA55 22 KB
8 KB 42ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2439 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DAAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvJwpSRdkjLRAvQLV44R68&google_cver=1

43 B
264 B

87ms
49ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvJwpSRdkjLRAvQLV44R68&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjLydzgATAB&v=APEucNWs9NKh7F1FvkAP2lhL1l7k-H4vfQHRALDR5lTgptSQLqj2wwFuil4BEcdKkX4ABAhbeYtwD3vlsFGk1ketqGqxPb8r6uUVYKCbSswSk7I0-wz_Xv-_hD3-7klgXJ9vjqgT0wL--D_JAEDBENUlQ23v1cqJUEywwcbHSjT-9P2jIKILen4
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvJwpSRdkjLRAvQLV44R68&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DAAA 43 B
136 B 153ms
50ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjLydzgATAB&v=APEucNWs9NKh7F1FvkAP2lhL1l7k-H4vfQHRALDR5lTgptSQLqj2wwFuil4BEcdKkX4ABAhbeYtwD3vlsFGk1ketqGqxPb8r6uUVYKCbSswSk7I0-wz_Xv-_hD3-7klgXJ9vjqgT0wL--D_JAEDBENUlQ23v1cqJUEywwcbHSjT-9P2jIKILen4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame DAAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJ1iRVTuDw0OAtG1K--zbHc&google_cver=1

23 B
163 B

160ms
89ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJ1iRVTuDw0OAtG1K--zbHc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjLydzgATAB&v=APEucNWs9NKh7F1FvkAP2lhL1l7k-H4vfQHRALDR5lTgptSQLqj2wwFuil4BEcdKkX4ABAhbeYtwD3vlsFGk1ketqGqxPb8r6uUVYKCbSswSk7I0-wz_Xv-_hD3-7klgXJ9vjqgT0wL--D_JAEDBENUlQ23v1cqJUEywwcbHSjT-9P2jIKILen4
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 07:05:14 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJ1iRVTuDw0OAtG1K--zbHc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DAAA 23 B
163 B 278ms
140ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjLydzgATAB&v=APEucNWs9NKh7F1FvkAP2lhL1l7k-H4vfQHRALDR5lTgptSQLqj2wwFuil4BEcdKkX4ABAhbeYtwD3vlsFGk1ketqGqxPb8r6uUVYKCbSswSk7I0-wz_Xv-_hD3-7klgXJ9vjqgT0wL--D_JAEDBENUlQ23v1cqJUEywwcbHSjT-9P2jIKILen4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 07:05:14 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 2575 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 4777 9 KB
5 KB 41ms
41ms Script
text/javascript 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=67645895;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CkidYqLEfZbicPLiYi9YPss2noA6-vPv_ctiuhpWdEpL-zbiGQBABIP6DuiVglcKmgrAHoAH646qkAsgBCakC5TzTeR-xsT6oAwHIA5sEqgSGAk_QBKXmMDpmKknXTH3Qq4hdrHmT3jDrJ_eTLmdl_rjxwBJ3oub0P6nXMAwc3cqm3p_PHuNx1es095WEPGIGqhYgTSZ8mcK53RK4UJ-A6DnddaL4EmgnL99K4b2d1q0EgTjIOLRbm3XwN_QeKNtTLt2AxJjSvO3sRuDh6D20Zm8f2-q8LLhJ8pg3W30WE9odjhCeoxdrxOKxHkJUApMqGb9mEDnlhK0wYVFXh2i4sGamDl2PF4-I-N_gkahoh5spxLfcYINoifpSkmnzm4vmQtkb5smC6bniEDGa6l9D3yQbG-QwW_4YtAPMP8AcRT-9z6JynPf8xIE9Lw9F3ayMItAY_l5E9IbABLaF1MDGBOAEA4gFnpehmkyQBgGgBk2AB-6b1dsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERcgNAbAThZ6EFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&gclid=EAIaIQobChMIuJCD5e3ggQMVOMzCBB2y5gnkEAEYASAAEgKJhfD_BwE&num=1&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&sig=AOD64_3_NvtR58h90_yoSzY_XBhWtPTqVg&client=ca-pub-6113467694901384&dbm_c=AKAmf-DxdEdXlnI7md7LdJ4yXkR2L57bh4za7rcUdXtJh6YFkXXSs1ZCeiT177NHRx-HyK25siIeo3WMI107yISvCYXtIoxlxBT9vwzGoFPmHtZ3D7na9iXt260qHu2aKYhwmLUFU3VI8Um3e8JA7WZEXbpqLNZMaX6BziPKcEs0rW9ba1V8-g0&cry=1&dbm_d=AKAmf-C3M72GAd7DxAGhbG2dFPSvRKKFRWWmQroRwjHDOisCXRf_hGcsb2JAIndXF1Kxkv3rf0eqrvqQ-4_voSVsdLxf1Kmmu7NWf2NneaduKGwp5VNqfXwHMTKyTf6mLiMGzYziH_4Lu9RO9o6Mz81bDhBIzcBEvR2bvn25-bO2HvrRHxtjQtf1m2T2yOUbgkcLrOE0225DIkhT6yojeIAR0yrqP1LT_H0y5l7vwgtdWiozgzGVQ4tIZ21Iu5F7tmkZ1rX1usX7iRM7Cc7y83iUu13zzYUGeRXBWV1FGMPq4C_TVNImE-t7SyHDIUTRly23DOe8YFXKVG3pkFONxSfLKOKyrMMpneZiIfhL1x_cVCpYZhdo7pcMqpX1mSGkiZoaZxhUwO08Bm1cc0RRfnQ5E8kE-hNkf4OiSioe3HipUpKDSiulVKofVK2BHJqHacwiCM3HwvzRUcjT7VmBxPxDnME3LESOaUb8eWze4SRd9Vbylws7QNmQ7eEg1oyP6by1r-Kt3ReriS7DSysVdfVuslaaiZofruJJQia9fp41NV1sphyn4Ol01TXENUoBAQS_LgR2WZVu&adurl=;js=1;adfxid=1x;7319;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Falkoora.livehd72.live

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

302f244e54d9b93029a8583137493d2844dbd3550ca059dc086c364982ba1313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4084
expires: -1

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame AA55 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 525B 9 KB
5 KB 42ms
42ms Script
text/javascript 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=67645895;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjK_OqLEfZbmcPLiYi9YPss2noA6-vPv_ctiuhpWdEpL-zbiGQBABIP6DuiVglcKmgrAHoAH646qkAsgBCakC5TzTeR-xsT6oAwHIA5sEqgSGAk_QOXExzOfxWGVtvrjNk9lwX8eCjGSsBtb95oDnNzP7X4WcK6RwJ0-LplW7Woy-hiYAZSWr_yIfHiAjvv8MQjPjqcFU1YU6jkeorlEezhsOJdGnfSQ2VDBaGB632XrfM1K1wT5LUn3lGpRumyB_M8QXe9uk7oH5PO2pVx15ydWn-mwlyNdX93TQW8eK-viP1WgXf_iiXPfZdC9hpahj9GzDAv1H-lJ6ipO0gJiHVCr7cWqOtHrgynspP7u8nI60bfk8mWoCzbSoRzQNzN7elvkodEVUHN_UlKe5tK5oUmDgr9E_uREiTpEQJFSl-CQFxKm--X16AVIIh94Vx4w_f7K4HyRuYgDABLaF1MDGBOAEA4gFnpehmkyQBgGgBk2AB-6b1dsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERcgNAbAThZ6EFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&gclid=EAIaIQobChMIuZCD5e3ggQMVOMzCBB2y5gnkEAEYASAAEgL7NfD_BwE&num=1&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&sig=AOD64_3ELwF8vUzY1txtczpF_0W0YssHew&client=ca-pub-6113467694901384&dbm_c=AKAmf-Akgx1k8Eo1cYxAJTnbduYBphMlU-wyogKluEw5NX5iPyiQANzii0PxY2TmTxXqnFNKRwKurZTc1PvgRkRPb5mmkLRFrTi6fXIi7v8b-A6WxwfyUgWhv34-OTGDAOxWs6ez_aHJgtMexImcJR8KwTvV1u4e2j5o2waHv_VzLgU_JUZGcZ4&cry=1&dbm_d=AKAmf-AuTaKDucOAwR49GyXporZLYTEOr-eGtxL7LaNEMhDcACmcK0Qc37kgumSywjvvltKnQQ7YxXYv6PYssTNG_jICHeWeUIusjedoJhv4zTKQqJcXeSDj8FdvqFMrZAZV0wFRtK8LRP5OZn0UOy2L1vaGRl3ZH8FzmsAP_sAAGpYAMFPw7D6diW7sN6B_GRbKAz5-zI-vDbgHm3Ns96GTUlnUvqCYLorFNX9235Wqk8fc5QuYN8G9VwlZ13PNlyNCZ8ZD9megadcsFd1mFHGWr_blK8kO2hvwjgmBCIgC42Sh9ZPULr5jbqybpgJjHVTWbPmZp_9MlRwa6mkxfs90i3zqkOJFYpQrpgtsW-8G-MZiwZiH2mQ5RTNMkzXiN8gmxu7_2p3nDk7onwA82hbL0IMnbBcJZbvxLYAq0AnaynxboDaFbC0JN6i3Ctrbyneej9QEUo5ADUolaBIKkkX12W7SrOoYdgygha7cvrtMO_Mh9qf6RwDQ7-KdJ-rUF8vg4soC2lxOf-F3aWJ9fY1PomNJzKjP0ZxTQQD-h5ASEY8kMmxhaexmcZb0n00Eo64lMTZkSwI1&adurl=;js=1;adfxid=2x;5003;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Falkoora.livehd72.live

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f8a4d33f7ea17080f8607fc96683732f94cac3a89d9f0a377d261eaf2ef31a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4086
expires: -1

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 2439 37 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE5 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6186645077026&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE5 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6186645077026&version=m202309260101&ct=76&x=1&cor=1470300312021244200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9CE5 16 KB
12 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfvE84JXPrObInI0GUauimvmnd5IE2sSIH4et6AjFH-XDWeNJBC94BSS90o93om-zYDrZIBxzk0Mx3vRFVSrFA4TkbYhMhxcU20OzsX_3LhIeWkkmwb95esUHdsOcllvtid-OKISEk6ORfEmRSvuZU0ExtGcKiIijcWp6XHuPb1WSx5us&cry=1&dbm_d=AKAmf-B5SAPShfy-8OezIfhlJaE3-6Y5GknpmwDrX19uOs3NRpfl6f5LN8U9L2rCpAQYn-u7kVUJUF5SBm4bvRJVm2xAaYQyNuiVuPH4aAzSTvYWcULiYJMxWaoGaD_VgFmzWJPx0IluZWYlBNOGza1PvQjuvsqMDYrhg-gwEsPP4i497Ec07PKn_ws7WoiRH3_ZZma1Q09V2DDrRFD-sDVOn4QwbMAo8NmEL-Hg17p23dNObGJjKlfKP8FmgewSJSVsCSZPwdlKn-VwYi9bn5P54CsT-yVor00wPm-2t2iEzixT2OOe8fYBfRVJU29OwvrUpfI9mJfxAlJCRwJ2RRGghJyohJkwViYuMU7JZ585tkdZYvy2Nb8uO9F54QMavDej0pZ6z_wrBpqJVz_d15OzO2dojfpWbmlyN_4tldA38MPcsUB_xfkKV1mhCB-Gc1H6QUGsr_M1RRcBHaIjB_0yzORJSCkdQa_xnv20_0gDFlKa1SJnVJ4JpbKUKpSdTQLF7yFM1VFxKw7VDhm-THVaCiViI7gI5Zw6dzaGbHik3ML9vQLTB8g6Nb-eNLmzvOebVOIQYjzTKQoPmt3MU_aSPVUWosvOo8ZhXFlUvRGrvvrQaaM2nukEdBxqZURPDQpA6pXN--7xaz0VkBmFmzABHV6cFp1VuIOT5cyixH0lyFKQVsl0oJpVO0JuIzM0u6L5SQs3uKU5xcfzxo1Fz-zD85N4Z4GfGDedzM9BtwxhkOxt7YrsoteRZdPaU2w1Xx_2ccHjdPZkd2aIm5EBY0JUFQSdNJFUPvU7q5YtR7IHag6HV4J3_IpHNtMWCpg6JIbrDvDgnplV-5JRumbXdhcgDnLrB6a3wTPPywpKjBpPsf84EFPm_QnBblEP1scs5FnrXGqwTY3RYqhgSDknkdatkosM7fHcywxwyqpr4hzqQmGz2WzYld7x652D5HTcwt2r7ujPdWKbG7Jpne-iXQ3LfKFsENLq4K991jLBCsC1sPGp_46MtCNs8Yl5P0jy4p_-6A8v-Jcno5c0ukqqx1iodiKCp_zWPZv85mUHmHndfWVfjtQ8al4ENKYTe0gypk-brn1w9GhRkivyiVblKmhSYy61JgpXwElFDCuT8rpa8XQaGPFmkxBi9qbScdL9SDj0z8JPdszogfZGXwN0jcLseT-pcRKiiLTVWajjYRWZOhb2PzTebuxMVui9JsbForp0YWun_GyaUohsTFa7-RzyUw24_U5aLzNJEwPiL4HNzyAM4z38ewDbgqAi6G9newKEmAIcvKk46JxoyRsJUUkMBrjiQzIey0ASIQpWt7I-qCsqxY6VDX9-jh7mCF5S_cWlVUNZFxQ44fLY1guOocE9bEiP-6sxol3inYo-xHYHksg0ZUVD1deDwaF3aTGs8bHELP1zFzGYi0WwU1mEYaEgTT-GgaLzV9qO-kRCnv6tl-fneVTNgoreNk48ydDwW0vYkBtbuGr9lJipyF41wS2Bi8aXzUzAlglrJRw3OCkVNfrJkaUmKGB6F7b01JY7H9aH-muZovS8_pUGwk-Z7v4gd72UZwgnZmO9l46K8SsrEsrL1EgrA4ulpBHnpw2sW19WgYEXAMaIUrvM6LjccY3I9k06qDDbsbUndqnHZSXqq-TY3iGH5EXVuHJeKXQpGo1esiJWpFl6imE-Kj1d6xOKhxunV-iEL-qo3sJQRGCPXiGuFlJxOkCs7ZW9uQqdlpB5KMYxYkeCqu3w3eVtohfUj1hRNUpbXZ3XFVP5-GwCGsnf741gqFLKRtRspJ8_WT5OwQRdXzUsmJLSuD1UP0u-i6YpK0109MtQvGErao16J3TEmE2I9eKEMwdR1SvNTSRcIwLJ1gjDO6x0JBzCNKz7HpZ_wsx-qY5tVvZDsJKNehh17DKDH54-FWJSsUuhy97_JlDH8PbCY4xMZYN5PmzlUTLeLRLeCxtgoPB4epLd1-hPulxdkkEQ71Veh5LsqPPVcdOoI31x3Dq1NBqZK8HrFqPxm0NPXy1Fu4oolNKffigzDwppaichiXzMu6tZP0uSXwK8CZVpylBLAuuDtfOBRNUnfKzIahbXhk36GIBqd2xsvMi1foB7ptY6m2ply1Mets2UYDdxqz4ZWPEn53Wq1n8kxJYZLgR2unc8UZS5fW5MzOECnUdIDJ1VHCp9A9ElnffWfzJVw2Q-HrP1y0AW7UHXRAzgte_92FsrvckiJzXrSE2JFFvbKyX4aC7V9cx8S4IcAvIy2VCHGeuekhq1qAEhWGxw2uIPTZ8Ycx5JB3bARM4aHHrSfjSkgFooXNax31XKjGydeJbJxSK5KCK_c2UCLxVKjaI-MudQC6zF23o5zu1OWDGrcP4nhuW2leKE6AQihsaQtJQUpPZDnioWIzuk-nnIme3Nw8vutroPVnI7kco73GuV1JqXq2ZToo2fLoEfXQuX-0QuRTBGCFTF4hfQXftcPYR-lYbEct-QKaoq7omZ5_cqipkY9n1lSqmSzfoHQk0gY9_8yb6-cmJ0SsjDyQRGpTbqBmA7My4IAoGAszIoNqBEYYC6b3xMNBHCBJBHsR5bQ6t4YqDsYKeOW3kmFWMkKCF3TtehsLfa2qZMiXthTZnFkNLsXqjVJW2ubjxDYKVQmMmhXEj1tOs7tXTEaMTx7nfCjZqHja87M2nvTadkOaMbuzsVDnRixLBD7XZ9VZr9q18jj-1cNv4M5pwDBSAs6X_3LpRA6XpAavdDLcnXY4PGiP4jaIF7-yRYT4HBogo8u2UMw-lPW8KhEOOxU9s8qIho90ihKfiMUBeKwgiRmfYcvCZrVTOi6KRV3DV6d4FIxxIU7AXS9ONou62JVdWH4qOnNaJg8N4MFZlOgBQ8PwP0gL__3WmwrRHjNaqHtRAgtZaZAvRcyFO8HGrjnkMySd6gX9gPK0V2lvh0MSPiA3HLhzmdpCeyNMO1GQQpFJGSrmRU7Mgy_qL0E206r3CDhi5UrebToj6fol9c0e9JxcuU2akj_5s4U9vUb-MtvGq2kUbVH20DsLRmiRmrEtsTDUvG2w8nY9EDfds2E7cYLJ7EaPJIO28fUs5U030vEjRvY5QbMmI4NDP2rqfz93OaLyeWENfXwjG3mCT7BH5OHUs&cid=CAQSSwDICaaNG1TQjeNWV1PVuai-kmwAx5dI5x_nSsf3fqzeV-N0ASzysDfziv9LbHaot2GmBX3V2v6BB3ZSrfywiVVaAc-Euv5gLJCkzBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=1470300312021244200&adk=1964084972&idt=176&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89538cc8ff33b3fd2fba7398d0874447ae46cc56828735a5a285d48849a21d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 8945 10 KB
10 KB 48ms
43ms Image
image/png 2600:9000:21f3:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 06:10:24 GMT
x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 521691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: RcUIi_soWYh1KdA1lze4L1GdlfS9rLUTWvEcSVp2WsP2C99rlGbVvw==

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 4777 0
338 B 210ms
57ms Image
text/plain 63.33.100.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=vzkbcd8um&campaignid=3123157&advertiserid=IKEA+DE+Mediacom&placementid=11051734&adid=60477770&creativeid=60477770&siteid=1734703_&rnd=97625
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: beacon-n005-dub-prod.krxd.net
date: Fri, 06 Oct 2023 07:05:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=57 t=1696575914
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 4777 91 KB
39 KB 53ms
52ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 525B 0
337 B 153ms
58ms Image
text/plain 63.33.100.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=vzkbcd8um&campaignid=3123157&advertiserid=IKEA+DE+Mediacom&placementid=11051734&adid=60477770&creativeid=60477770&siteid=1734703_&rnd=79679
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Fri, 06 Oct 2023 07:05:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=47 t=1696575914
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 525B 91 KB
39 KB 52ms
52ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9CE5 41 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfvE84JXPrObInI0GUauimvmnd5IE2sSIH4et6AjFH-XDWeNJBC94BSS90o93om-zYDrZIBxzk0Mx3vRFVSrFA4TkbYhMhxcU20OzsX_3LhIeWkkmwb95esUHdsOcllvtid-OKISEk6ORfEmRSvuZU0ExtGcKiIijcWp6XHuPb1WSx5us&cry=1&dbm_d=AKAmf-B5SAPShfy-8OezIfhlJaE3-6Y5GknpmwDrX19uOs3NRpfl6f5LN8U9L2rCpAQYn-u7kVUJUF5SBm4bvRJVm2xAaYQyNuiVuPH4aAzSTvYWcULiYJMxWaoGaD_VgFmzWJPx0IluZWYlBNOGza1PvQjuvsqMDYrhg-gwEsPP4i497Ec07PKn_ws7WoiRH3_ZZma1Q09V2DDrRFD-sDVOn4QwbMAo8NmEL-Hg17p23dNObGJjKlfKP8FmgewSJSVsCSZPwdlKn-VwYi9bn5P54CsT-yVor00wPm-2t2iEzixT2OOe8fYBfRVJU29OwvrUpfI9mJfxAlJCRwJ2RRGghJyohJkwViYuMU7JZ585tkdZYvy2Nb8uO9F54QMavDej0pZ6z_wrBpqJVz_d15OzO2dojfpWbmlyN_4tldA38MPcsUB_xfkKV1mhCB-Gc1H6QUGsr_M1RRcBHaIjB_0yzORJSCkdQa_xnv20_0gDFlKa1SJnVJ4JpbKUKpSdTQLF7yFM1VFxKw7VDhm-THVaCiViI7gI5Zw6dzaGbHik3ML9vQLTB8g6Nb-eNLmzvOebVOIQYjzTKQoPmt3MU_aSPVUWosvOo8ZhXFlUvRGrvvrQaaM2nukEdBxqZURPDQpA6pXN--7xaz0VkBmFmzABHV6cFp1VuIOT5cyixH0lyFKQVsl0oJpVO0JuIzM0u6L5SQs3uKU5xcfzxo1Fz-zD85N4Z4GfGDedzM9BtwxhkOxt7YrsoteRZdPaU2w1Xx_2ccHjdPZkd2aIm5EBY0JUFQSdNJFUPvU7q5YtR7IHag6HV4J3_IpHNtMWCpg6JIbrDvDgnplV-5JRumbXdhcgDnLrB6a3wTPPywpKjBpPsf84EFPm_QnBblEP1scs5FnrXGqwTY3RYqhgSDknkdatkosM7fHcywxwyqpr4hzqQmGz2WzYld7x652D5HTcwt2r7ujPdWKbG7Jpne-iXQ3LfKFsENLq4K991jLBCsC1sPGp_46MtCNs8Yl5P0jy4p_-6A8v-Jcno5c0ukqqx1iodiKCp_zWPZv85mUHmHndfWVfjtQ8al4ENKYTe0gypk-brn1w9GhRkivyiVblKmhSYy61JgpXwElFDCuT8rpa8XQaGPFmkxBi9qbScdL9SDj0z8JPdszogfZGXwN0jcLseT-pcRKiiLTVWajjYRWZOhb2PzTebuxMVui9JsbForp0YWun_GyaUohsTFa7-RzyUw24_U5aLzNJEwPiL4HNzyAM4z38ewDbgqAi6G9newKEmAIcvKk46JxoyRsJUUkMBrjiQzIey0ASIQpWt7I-qCsqxY6VDX9-jh7mCF5S_cWlVUNZFxQ44fLY1guOocE9bEiP-6sxol3inYo-xHYHksg0ZUVD1deDwaF3aTGs8bHELP1zFzGYi0WwU1mEYaEgTT-GgaLzV9qO-kRCnv6tl-fneVTNgoreNk48ydDwW0vYkBtbuGr9lJipyF41wS2Bi8aXzUzAlglrJRw3OCkVNfrJkaUmKGB6F7b01JY7H9aH-muZovS8_pUGwk-Z7v4gd72UZwgnZmO9l46K8SsrEsrL1EgrA4ulpBHnpw2sW19WgYEXAMaIUrvM6LjccY3I9k06qDDbsbUndqnHZSXqq-TY3iGH5EXVuHJeKXQpGo1esiJWpFl6imE-Kj1d6xOKhxunV-iEL-qo3sJQRGCPXiGuFlJxOkCs7ZW9uQqdlpB5KMYxYkeCqu3w3eVtohfUj1hRNUpbXZ3XFVP5-GwCGsnf741gqFLKRtRspJ8_WT5OwQRdXzUsmJLSuD1UP0u-i6YpK0109MtQvGErao16J3TEmE2I9eKEMwdR1SvNTSRcIwLJ1gjDO6x0JBzCNKz7HpZ_wsx-qY5tVvZDsJKNehh17DKDH54-FWJSsUuhy97_JlDH8PbCY4xMZYN5PmzlUTLeLRLeCxtgoPB4epLd1-hPulxdkkEQ71Veh5LsqPPVcdOoI31x3Dq1NBqZK8HrFqPxm0NPXy1Fu4oolNKffigzDwppaichiXzMu6tZP0uSXwK8CZVpylBLAuuDtfOBRNUnfKzIahbXhk36GIBqd2xsvMi1foB7ptY6m2ply1Mets2UYDdxqz4ZWPEn53Wq1n8kxJYZLgR2unc8UZS5fW5MzOECnUdIDJ1VHCp9A9ElnffWfzJVw2Q-HrP1y0AW7UHXRAzgte_92FsrvckiJzXrSE2JFFvbKyX4aC7V9cx8S4IcAvIy2VCHGeuekhq1qAEhWGxw2uIPTZ8Ycx5JB3bARM4aHHrSfjSkgFooXNax31XKjGydeJbJxSK5KCK_c2UCLxVKjaI-MudQC6zF23o5zu1OWDGrcP4nhuW2leKE6AQihsaQtJQUpPZDnioWIzuk-nnIme3Nw8vutroPVnI7kco73GuV1JqXq2ZToo2fLoEfXQuX-0QuRTBGCFTF4hfQXftcPYR-lYbEct-QKaoq7omZ5_cqipkY9n1lSqmSzfoHQk0gY9_8yb6-cmJ0SsjDyQRGpTbqBmA7My4IAoGAszIoNqBEYYC6b3xMNBHCBJBHsR5bQ6t4YqDsYKeOW3kmFWMkKCF3TtehsLfa2qZMiXthTZnFkNLsXqjVJW2ubjxDYKVQmMmhXEj1tOs7tXTEaMTx7nfCjZqHja87M2nvTadkOaMbuzsVDnRixLBD7XZ9VZr9q18jj-1cNv4M5pwDBSAs6X_3LpRA6XpAavdDLcnXY4PGiP4jaIF7-yRYT4HBogo8u2UMw-lPW8KhEOOxU9s8qIho90ihKfiMUBeKwgiRmfYcvCZrVTOi6KRV3DV6d4FIxxIU7AXS9ONou62JVdWH4qOnNaJg8N4MFZlOgBQ8PwP0gL__3WmwrRHjNaqHtRAgtZaZAvRcyFO8HGrjnkMySd6gX9gPK0V2lvh0MSPiA3HLhzmdpCeyNMO1GQQpFJGSrmRU7Mgy_qL0E206r3CDhi5UrebToj6fol9c0e9JxcuU2akj_5s4U9vUb-MtvGq2kUbVH20DsLRmiRmrEtsTDUvG2w8nY9EDfds2E7cYLJ7EaPJIO28fUs5U030vEjRvY5QbMmI4NDP2rqfz93OaLyeWENfXwjG3mCT7BH5OHUs&cid=CAQSSwDICaaNG1TQjeNWV1PVuai-kmwAx5dI5x_nSsf3fqzeV-N0ASzysDfziv9LbHaot2GmBX3V2v6BB3ZSrfywiVVaAc-Euv5gLJCkzBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Falkoora.livehd72.live%2F&ds=l&xdt=1&iif=1&cor=1470300312021244200&adk=1964084972&idt=176&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
H2

200

passback_300x250.js Show response
static.adsafeprotected.com/ Frame 9CE5
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1135760/69474498/xbbe/creative/adj?p=APEucNWkSb9LFsydZyzqmdFr8WWj2bz7lZI1qfFuOiHR59jP-HS5H2I&d=CokBAKAmf-AFOmkzfOu59gR0jiE9IxJ_G8oGbOLLQTbajPBxIHky2k9Ma4qcA3e...
https://static.adsafeprotected.com/passback_300x250.js

3 KB
2 KB

40ms
40ms

Script
application/javascript

2600:9000:21f3:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x250.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Server: 2600:9000:21f3:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:25:19 GMT
x-amz-version-id: vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding: gzip
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 527996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"44f0ac540dc9c11f94344414c879b658"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Va0JYSvwlVLdYsyqb8Ma5NC3E2nSsIuUsQ8P-gtTZ8xaXlMg-m5Lmw==

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D12C 91 KB
23 KB 46ms
45ms Script
application/javascript 2600:9000:21f3:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 10316726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wQviwvrx7QiqcttnpNJO4lcco1s_ddlzdUE0xT7yezJz5iGvzb6UbQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE5 43 B
215 B 214ms
188ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=627b650f-c059-5cf9-c2a6-5b1b1d908ec7&tv=%7Bc:qfuhfB,pingTime:-3,time:72,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRT5DHl+11%7C12%7C131%7C141%7C15*.1135760-69474498%7C151%7C1611%7C1711%7C17121%7C1811%7C18121%7C1911%7C1912%7C19131,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE5 43 B
215 B 394ms
371ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=627b650f-c059-5cf9-c2a6-5b1b1d908ec7&tv=%7Bc:qfuhfD,pingTime:-6,time:74,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRT5DHl+11%7C12%7C131%7C141%7C15*.1135760-69474498%7C151%7C1611%7C1711%7C17121%7C1811%7C18121%7C1911%7C1912%7C19131,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&tpiLookup=ao:alkoora.livehd72.live*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 /
track.adform.net/csimpr/ Frame 4777 35 B
600 B 39ms
39ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=67645895&csi=NESgBMBHnD5HGk4jHv74O8MG0DD5YgQZNq7mtq_M01frygPkIxxfkwgn-ttQsbNvNjSFEhahBfwsONU43udzv96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE5 43 B
215 B 357ms
356ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=627b650f-c059-5cf9-c2a6-5b1b1d908ec7&tv=%7Bc:qfuhgi,pingTime:-2,time:115,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1800,beZ:1802,mfA:1804,cmA:1806,inA:1806,inZ:1810,prA:1810,prZ:1816,si:1822,poA:1823,poZ:1847,cmZ:1847,mfZ:1847,loA:1874,loZ:1877,ltA:1915,ltZ:1915%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRT5DBk+11%7C12%7C131%7C141%7C15*.1135760-69474498%7C151%7C1611%7C1711%7C17121%7C1811%7C18121%7C191.1474271-71242846%7C1911%7C1912%7C19131,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:22,sinceFw:91,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 /
track.adform.net/csimpr/ Frame 525B 35 B
591 B 42ms
41ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=67645895&csi=52drhxsX-bEF7CqW512i3D8ih0xAw1b0Nq7mtq_M01frygPkIxxfk492nitpSBAm2aTGAjcSNiwN7UZZjxETAt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
DATA 200
OK truncated
/ Frame 4777 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3097ee88bac26e9a269959817df09c02ba2a1ed452a07830c5318d57870ad8ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7160 38 KB
13 KB 43ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 109123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:46:31 GMT
expires: Fri, 04 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13489147.js Show response
s1.adform.net/Banners/Elements/Files/2006433/13489147/ Frame 9848 14 KB
4 KB 41ms
40ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/13489147.js?ADFassetID=13489147&bv=258
Requested by: Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 96891605102d9fa142070c4eafaa951822ace0eb231eb51c4bb0809817ea7a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx00000865606a95a48bd2f-00650cbd97-3295f919-default
etag: W/"b28bdc2cd4fe3ba6f5116092beff8558"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
DATA 200
OK truncated
/ Frame 525B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f6f9cf957275105792c25170850c0e172aef14a2ee07b4ffb029892f4b70d49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2575 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9hfRqrEfZZDhC6iQjuwP_c6N6AkAAAAAOAHgBAI&bg=!0tGl0Z7NAAYMG8UMLBs7ADQBe5WfOJyXqFOschWQyZzNClVQPgjaVx7rb8Xg6xXbyVHmMOVw_UKYlAz9R7OL3QLw_My2AgAAAThSAAAABmgBB5kDHNtI7HkBTN2R9k2thMiNfb74Wd07Gt6T0BTh5N0NJuGZNzUceK6qjkhLxrqPCvkpZRoRXwTCzyBeYGpCoaEA_UGt_7bY6OxGRE_fbnprsKF32GNYn2qN0-WvOEbll1fgmwlyP5TMofDtlNaBE5IeaEB5TEefpEvH3kWQtdZ_br2pjWrgVDT-GQshytkMMCJhikK0D2EKQZeLpnLrsBKfgGx524K-WKKspI78qvrLG0UdiPmV62n1-Cu0FAcZT9ynrwabD0qpDO31hHAmipifpEDmFaiqmYJFFUsbKNVRgTXjB-1r_gGLX-1YJ7yF0Rb5OODkRVuDFMcZRqJZDgLzCyMfssz5dy8LARFiJ68_n6x40X2_WtqfgHIWARgNvCejQC48t-_VtBPTbzmT6E2zHcaDqAUIJKhq6BkJCwGXWDmIpnWn7tAtPIBX-fVxP5XAvX47kyeWz_uHhpkua1r-vQDvJlibRocqA0o6KFka_mc0jPFmpo-oaH_q8j9ulTpkE4Zgt0FqfE-gkciVU72ROLwEkFh3UthI2rwACcD66tpTVe7vR3HnyfTSAvcSTNAIGSYNHrBMhK_ll2_0C2gwnME4wmorHehtCqT9dyOHIojNWyiWoZEbZebJjq57l5QkO_HCK3j8ARRW46Vo6CTLG43wV8SepXUEUqp9F6K4KpteZGK4j37lWDpbkKv4T2o6BOrcJgjcaSSMpXKnQO77u5IPa0x8Cp8OZdosWwShdqfczbcTbn3XIL6mBFDry984dwwLsBHyaWPo1ibW_hX0izyJa6Y0gkopJCuIVMGewlaMnlukt5nUoxUjD7peyCiHXzWgDZk10kqXZlQQ3_wNu-wdv1Pk9eRfxC9DZRykqc-HitOi2Id7W2li4vbrnETmgCsfTYkKzyG6fAis7hNe2DXHb3UQ5sNhXB5q9xuhfKMkyQmxvmYpzAXSbyTWnWtvS_Pympsn6TpPoFmGNh8R3YhBvFAff-wzmTJHeT_LfrxnqypxWGVT4hy9tgU19NRSlXI0y0RCG-F_1K8vJ1obO1Kn2Kj_isnn4G2gkpo

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13489147.js Show response
s1.adform.net/Banners/Elements/Files/2006433/13489147/ Frame 7C80 14 KB
4 KB 40ms
39ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/13489147.js?ADFassetID=13489147&bv=258
Requested by: Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 96891605102d9fa142070c4eafaa951822ace0eb231eb51c4bb0809817ea7a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:14 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx00000865606a95a48bd2f-00650cbd97-3295f919-default
etag: W/"b28bdc2cd4fe3ba6f5116092beff8558"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 9CE5 14 KB
14 KB 46ms
46ms Image
image/png 2600:9000:21f3:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date: Sun, 01 Oct 2023 19:41:27 GMT
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 386628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14233
last-modified: Fri, 18 Feb 2022 23:28:59 GMT
server: AmazonS3
etag: "65a8b98b798ce416d94c2847aca40c71"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: WrrvTTQRPOwDGAiZoWtwU7wWNYysBRLFhwOEuyLHqkz9ak8omlYU6w==

GET
H2 200 styles.css
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 9848 14 KB
3 KB 40ms
40ms Stylesheet
text/css 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/styles.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 825a359f8c3c90bde0762469d2dd96cb2daf33f0a8840a3a7b81ffc06fa6b323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx0000055f991370f747dae-00650cbd98-3295cc06-default
etag: W/"df2e21550c6fc037bf23660970fa6110"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 9848 30 KB
14 KB 45ms
44ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000a37373505363f9f8-0063766185-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 lemonpi.js Show response
creative-libraries.lemonpi.io/v1/ Frame 9848 160 KB
160 KB 192ms
49ms Script
application/javascript 2600:9000:2250:8200:5:98ca:e7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8200:5:98ca:e7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea437da88136fe2eba4fcb307640131584cc8fc3fdaf98a625f1e054aee9395c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: xReKb2ttpeP3xDIQ9yyHb0md221wZXEf
date: Fri, 06 Oct 2023 07:00:56 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 28 Sep 2023 09:00:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 260
x-amz-server-side-encryption: AES256
etag: "e3dc7e913d714edd4806d596ef4e44d2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 163701
x-amz-cf-id: 3HLn-Gz4iLH-EgtX9MpdznNU00WymJIwfAgA3Y6MvOYp2rB3kmoM9A==

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/ Frame 9848 113 KB
35 KB 48ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/TweenMax.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2453156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34778
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-87da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCDc%2BphpWp7qTH%2BwxqGef%2BPRj%2Byf8WZHAtSQowJ7Yjgg5Yj1ZVbVvf6ZTX0pW6g8s2pT5tAH8jjCi9KDUWQXXFLIiRyoGoTbbkDl5FwfXQVV%2FHrPqJXt53kiu8Qg8YrSUQpqwpr6AnWGoxwM3yhMyujg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811c0e0d4ad29180-FRA
expires: Wed, 25 Sep 2024 07:05:15 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ Frame 9848 86 KB
28 KB 127ms
126ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4935499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27755
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6c6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8z6AT7hDpg47UZWlkKaKp1HWFk2Yr0MoorkEOXeNWp8dw8FkaOB5nlwhtPTArVVwJZmlZJRC5dSJb%2BhbHK6fRaJPDiHUbC1OcAm2FHcZIWel38cvp%2FyGjyfB1ILQM3Y0oques1ttgAEAz2bG0NRo%2Br9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811c0e0d4ad49180-FRA
expires: Wed, 25 Sep 2024 07:05:15 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 9848 12 KB
4 KB 44ms
44ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/script.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0aebb3b43134cc24e993d0613fc7067fb9dada75e99a47f365fa6e6409dd465b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx0000016e0c9ac242da8d5-00650cbd98-3295f883-default
etag: W/"723a60802cfa03ca10e8c3cd8ecb3d37"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
DATA 200
OK truncated
/ Frame 9CE5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9970385c171ebd202213484ef9a505e5b4a5748b4a7e2c74dd29637f91d75e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D170 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJKpvcKh_YzbyKOr-sF_k2NqRIXYGL0AgJhb2H7uhglX91Jak3UZdeSc2o_bAdLeggjZLQ8Qulwxc5Vf5qZCkZq_1Nr_u1RI_gqsvf_94n_Gbxg5LN8Da3o2eviX7VPgPtCpspbBe4DEeI&sai=AMfl-YSS_w86szmO4BIhf-Ud-aPGGcdwhNBaMKsIlCEGiTD1Qn9mwXA_CBOJirG1bT8nfeZXWsUIcZRFJ0LPG9lqSZb_t5BwQc_DGKc90LZiZGXajwCwRhuUh9JuTMPsIdJJA_mJrischQwqch-nbg&sig=Cg0ArKJSzGHlyRU7NaOnEAE&cid=CAQSTADICaaN1Um7VK3-D_Oo6RhUVVqvwQYuRYLcfPdDRjF8-G27wi3788CbbC41G7gvNkSAGaXyobrYx6E5TaA09Eu2SIpoQKAOxxVyxpEYAQ&id=lidar2&mcvt=1053&p=0,0,280,1200&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2399278405&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696575912889&rpt=1149&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles.css
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 7C80 14 KB
3 KB 40ms
39ms Stylesheet
text/css 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/styles.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 825a359f8c3c90bde0762469d2dd96cb2daf33f0a8840a3a7b81ffc06fa6b323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx0000055f991370f747dae-00650cbd98-3295cc06-default
etag: W/"df2e21550c6fc037bf23660970fa6110"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 7C80 30 KB
14 KB 44ms
44ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000a37373505363f9f8-0063766185-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 lemonpi.js Show response
creative-libraries.lemonpi.io/v1/ Frame 7C80 160 KB
160 KB 249ms
144ms Script
application/javascript 2600:9000:2250:8200:5:98ca:e7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8200:5:98ca:e7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea437da88136fe2eba4fcb307640131584cc8fc3fdaf98a625f1e054aee9395c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: xReKb2ttpeP3xDIQ9yyHb0md221wZXEf
date: Fri, 06 Oct 2023 07:00:56 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 28 Sep 2023 09:00:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 260
x-amz-server-side-encryption: AES256
etag: "e3dc7e913d714edd4806d596ef4e44d2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 163701
x-amz-cf-id: juXtvfquJHytQ-E90G_WzhY2RSqbaxxrvnkJBlitB5uFOKsErHrdQw==

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/ Frame 7C80 113 KB
35 KB 91ms
90ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/TweenMax.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2453156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34778
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-87da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3RShxyY1KJ5N8gih2Gpg7T5DSwz6HmbsG2TgPtHfCBMKQJ7HjZ%2FRLrNYHceCYsUHp%2Fl%2BpEo2naykBo9U6eEhlSOWfMYBnDDD6T%2BCyUkNinYZzNmxfxEgQBxTKHxQd2CDP5X%2Bw9PkaTe5RrF1QrNZdP6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811c0e0d8b149180-FRA
expires: Wed, 25 Sep 2024 07:05:15 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ Frame 7C80 86 KB
28 KB 129ms
129ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4935499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27755
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6c6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRVjlVCh2OZw2lKFbvCRMrt8auSQAKjCP3BIGwJVosN4vnWbWgU879fu8oXafHQlIYluPfNdGO4DrpuHqvCdKYHzwH1K9ngG7q3oRfR2w%2FipTHkwNVSzuBFBbXK3cLh%2FVFXfWj11ahhrFQkVHCfP49Mg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811c0e0d8b169180-FRA
expires: Wed, 25 Sep 2024 07:05:15 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 7C80 12 KB
4 KB 48ms
46ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/script.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0aebb3b43134cc24e993d0613fc7067fb9dada75e99a47f365fa6e6409dd465b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx0000016e0c9ac242da8d5-00650cbd98-3295f883-default
etag: W/"723a60802cfa03ca10e8c3cd8ecb3d37"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8945 43 B
215 B 187ms
187ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c41cc067-3020-bb78-b8a4-34f7af810b01&tv=%7Bc:qfuhkd,pingTime:-10,time:731,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696575915112%7C%7C69c55c3c74d5a9e2266f4d1cdc0a5ac4%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7C17bb6c1e7bc25b4cb184b42dded15c97%7C%7C436b845452d24a5cf2024ee359dbd448%7C%7C2e8f22dd464d3e9a23ac0557ca675afa%7C%7C1e1ce7cc5725deeeb920a32843b20a58%7C%7Cfe8f83723a9a4a6f5a718a235717112c%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 7160 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA55 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BL39KqrEfZZ2LEZaUjuwPspSyGAAAAAA4AeAEAg&bg=!XF-lXxDNAAYMG8UMLBs7ADQBe5WfOIEe97wKFEtCfvmZ1KDGS8f0vR4oxVpvl2NyRMDkUfTcBcH4olC63EfsMRcoBqzNAgAAAbBSAAAABmgBB5kDC2W-Tg69YnnAZC3KX6giSGlGGpIoB_2dT9EWMFWf16nWM9Iyy3G3CNiaeuYTJ5DCYhNRanxm2VXqNez9KL44hylr2wp51PYxe5MbvOR4pLSiEMQYLUVYIkgim-0fHQoWmusE691R7MMfhKHCOv9BZoVm8hLObErFvOJeeLDMp0M4sJAq2lEFYeKuB9-BLldjyJsVpvTH_f24SV317Bdne66W0pQ5_myULLdWB3cfDQOa1HMFkaszbAcW2AhavFlcKj4cvjBST3NIIyRKJAveJ1rc57XiCCEg8jjaVmLHevMXpJbuDV81GMqhL92qvhHZwuSGfmLkGGWGuLP_Z6cnZZ4pQcAkFCriwZgSsgkBIL_yfF8zVBAyEnydNE-1Xm48NeE4lHyYVCHGrO8dwKF3ZGy9ob6kxQUc5hdSXcCv7fJmTmrjVxAU9eXIbt7Ra5KAQyc6_GodzTWq6BI7tlKJ0EKKg7ddlP-72tMeiB2wFMrYNOtE3YgiowyCH7RrurLCywOp5FkYJUJkvkcDpHSJaUXVOy3QTgBvNF1yeVYLHrsITlmpvvgBqU5CpFqaBSGgMMrBcXJIlhSaExfCDwYI3L-fXE-lkvR1tP2oieOc2ighQI70-tET5Hyz9F4P9GqewNNu0nMAIqLWRUiudpoYxw1UU6JhnkNpLxxOpeuc9CZqyBOpNFbY7byge57uzOLp4_SMUVCj5EIHhGqCCfSy6XrfmmK24YZAO0e54i3epTXc2kZDhCnpcR5Js7mDy-ZyR2OK6h1_r4UkyuQkXSE-Mxh399r6VHVIWje04nBWmhuVLJ3bUReeBO7RLA_FZ-VtXgh4AhTkNM8wNlqCHz3wnrFFd9VON7wL8Y4GU4q25Obm9mrgBA7ep2FV6niLmWHrkDjJ9Ht37--YndGgcddHKB-mVte3ZQXuuL0C9kCOt4IW2IauUlY8Sc0UTJe8BmALMfDcrnek8_jWO_lKJScucLIVTRPQ4oVGIMLk4xSqOA6SFq_YRI-JQrJuwsZao-AAsgZgsisc1_Pn1aum

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2439 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfdNJqrEfZcSwEc-WjuwPm7ixmAIAAAAAOAHgBAI&bg=!QEOlQwzNAAYMG8UMLBs7ADQBe5WfOEqNmPcyBB9lIqmsJAqJZJ011NI6ZECkv_BNv4TaJTtoqJF5Bcb-E0gUxI4qGSXuAgAAAYJSAAAAB2gBBwoAJBfxFKlZIqhJjp06ednWDkj7r8KSEF3kmmXFbaHSoqfXdq41vpkDB0wmi5D8QmMcuHvGxXN9dBj-pqqyiwjfZT_h8OI6N0jALFD4-f_-bLwbryOVuMTitX1yzvxWgw-Y8elqtOWDufnkjkKjnuClWQs1UO2m5DviYB3_mFqYNSTBs1R6ap6EFOcnm2yjOcYJAa2_NtN577sofp9jlbxEWLAJWs8CWYAKkj8RTGfZdtA1d1LFAGB5Rj0ehEQNk-z5X5eG7wqZ_8OEBSTdR8pIGr8MhvyPi9B6Xy8gTI9to5YUKwDoNW6R06v3wT4UZcQC7pxZVEbT2Ne9r8rZxTt64HcLkbwT9j6xp0Kg98W7A_Dg-EnWFJfXa0n_jYIOcFVYYBWCswoI6yyQXgL2WzkfaTUEx4OifbDIOGO31JeJD-evT1ECsDyhIev0VHeJP93vyFvX1vcQ4wabt8zbDR83ZlUCAtOmybiPdXjR5RRW5wgwBxGQz83ldXO4Y-77YsI_mrTiRp3nGtmPZm1SNGLjRLqFXxiGiFAbA3AxKkhbE5Y3fZ3juKj_zF2pbpQ3MZehf6JUmxoTDa9m-Q0XX2rQXuOTPU4z33DwENc4h6OPXwMwTkZUoLvwtIDUxSeWAAOoXwY0rpR_-aORLGwJrqNcE2pUu0yZu1JeuIWUZud38b8N8HWL35V9TuNUr72BEFf9cJUPEdFZAdtTc8Xcft5yrMSAoT9ML0-cIlh39CDv-fcflTTusoh_hAsohxMtSGkyoj1PS_uOJXIo31VlVRpDGK5Fq-Mui2A_QKdOU119cOjgt_ug_riPMCAzVvo1T4VwDKSYNOV5wqH6LriEjYFIIK5Hyc1BPOdq7mVwijcHxNiTwU3Ic11mS85MZwVOetNwlbfZoSIUTg2mO5p-f3-aaqa2PnNTEQNlIJ8ue07y-6qLTlwsSv4DEpfrVgUJH4bDtyP9-VWFPsvLwEwNT71wtP9czMIhBfrQ5sIfMIIMqWvSPkDIw4pC68QSRflrwlGlvimy_edkC_Oe-53iwQv8f1YJOHrEGXcdkoCQYKCvbIoAvfctmXZjBGud1i3ByRw

Requested by

Host: alkoora.livehd72.live
URL: https://alkoora.livehd72.live/m/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE5 43 B
215 B 190ms
190ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=627b650f-c059-5cf9-c2a6-5b1b1d908ec7&tv=%7Bc:qfuhmi,pingTime:-10,time:487,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696575915242%7C%7C50de9de38d5136f501639b9d0d5af090%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7C17e3833b39f45ec11f145bececf867ed%7C%7Ce4e95658527b71133de8d5a29c7a5b5e%7C%7Cebb6dff930f8c3cae4a2155827f7f728%7C%7C62cf21820185edacd5f134f7b167acb2%7C%7Ce57fe3c21c0c09ad3ed5faccb09a7633%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7160 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_8ygqrEfZfKcJYvpx_AP49Wk2AYAAAAAOAHgBAI&bg=!hYalhsnNAAYMG8UMLBs7ADQBe5WfODuxUhytMxGawnfYfWqSiCyBOvtDFLsR6m1WGoSlxC5lGgjobT1RLL6hOXO7o6OvAgAAAHhSAAAACWgBBwoAJwy3MjzHaq0C_uRUdj-6kiCw_JUpe3hxzmJdFwPZ7nsRGYBFM6H4s5kC6AGayulvxH-_ouVpwEu9pC6CIef6hEbSNsDabkj6HbBtVfagzx7_sr1yKQeiEBGXLz1JSSFG8qMMDaRTS3Th7txuS2WIDjihzUXuw6M8ipotLIxPaF42EHpMJmSCLWwrp7RjMGf2HnZ3w_cZi2F6qjE710XW8MQ8DA96od86QIzve5Wvv_qxt2KutL2ckelHPkdxno9d46NoswqmjuSM6tlUwMBpOH5z00tmKDCrFWzsnjasQYLvRIhQj8Z4hS5cMS6i7rrx278WnfmIu7dwZWoyQqlLOwqVtRQ8sAoI__MPU6fA7lmjW_x-vcejnQy8nOjXO4E7C58Gzppa6-CeVsEo5yipgQwPizb2A7fNhP3PHd5t3xnNYlj8Fyo34X8NvbFVaAEMvYWrmWSGrClMs53XqHHpcWbLud4vPOn7iydtHV1LvMxyIGwYQl9iSk21w_QJuPBdWn0ofwmGAnQxtIOEfjCfy7F8MOzTG3nb8XHNTwnYWihaOGePq0c79qECRetgWgLJ3krAlDpBw1gRBPbfzfoXx0qFXUC6pKXkALF3J8l-uvtdviaJJBddVGPoGGYPvczz5-MkoQk9DnJB9gigu0E6uF_SkofhWW49QbPgvYe54oJjnii5YANmdiVAUqVti5Ai3Qs7YSHSdUGX_eDJE5-07Uvv_QUEerD57WxPSPuDDwjfXO_P8ZKmbpoxataRn_d6JJsKnfG2wGYyZJm5iD0K9Ygqod3sWBN9y4CIYhkQPLN2e77R-9ccsT8sjw-y5N1YfWr8PwVMX04VMUdrXILTzDyv6Xb4UpTyseTTUdWtdCX0uqU517uizG7ZMZWYnzSBmp-luqRo9fz4pSKXtT3AAFmqX2n8rmoQ2KgC1KtrUY8Dii8Y3mti3rVp8K0LHv-tySOXVKlELwuWCyXAA-Dn29alFDISytJnZMb9YuY5mv_Fs_68uwLbsNQXEjc1d8cUGoOIJXYobgkWGt4OSnAuXjvVJw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE5 43 B
215 B 187ms
187ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=627b650f-c059-5cf9-c2a6-5b1b1d908ec7&tv=%7Bc:qfuhnK,time:577,type:e,im:%7Bpci:%7Btdr:508%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:577,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:385,fm:tRT5DBk+11%7C12%7C131%7C141%7C15*.1135760-69474498%7C151%7C1611%7C1711%7C17121%7C1811%7C18121%7C191.1474271-71242846%7C1911%7C1912%7C19131,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:22,sis:227%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=250&slotname=9272047299&adk=2789970875&adf=1157907922&pi=t.ma~as.9272047299&w=300&lmt=1696568712&format=300x250&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=452&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=943&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FEuHKy795c&p=https%3A//alkoora.livehd72.live&dtd=457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK request-cookies Show response
content.lemonpi.io/a/778/ Frame 9848 90 B
587 B 198ms
58ms Script
text/plain 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.lemonpi.io/a/778/request-cookies?callback=_lemonpiCookiesLoaded

Requested by

Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12a370f2b8dabca80528bb4445d21d76e226558f9179029ede8cbea865fdd67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 13ba6e81ad964b2c81957ccda8bb61d8
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 90

GET
H/1.1 200
OK request-cookies Show response
content.lemonpi.io/a/778/ Frame 7C80 90 B
587 B 174ms
59ms Script
text/plain 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.lemonpi.io/a/778/request-cookies?callback=_lemonpiCookiesLoaded

Requested by

Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

693b8f1e0afe716bdf62eb9f1c045c86527264daf3461e4e91a634a3a9654b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 5c2a5972b65a40d09ea51c3136a79cce
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 90

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 88ms
88ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e346fec685e75c2827eb3f21c6457399cdc89cba79168ac53da4bcdea989751b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12194
x-xss-protection: 0

POST
H/1.1 200
OK 21340-79723 Show response
content.lemonpi.io/a/778/c/9425/content/ Frame 9848 8 KB
9 KB 77ms
76ms XHR
application/json 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.lemonpi.io/a/778/c/9425/content/21340-79723?impression-id=9fe1486d-fb2f-4e7c-a753-dd5aedbf7c7f

Requested by

Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

256a3afc8f64b7342e11eb224706b7d896d55994804576b7138054a603d43157

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 0d1c90744d0e4dbfb8b4fb5d2288a0d0
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 8604

OPTIONS
H/1.1 204
No Content 21340-79723
content.lemonpi.io/a/778/c/9425/content/ Frame 0
0 175ms
61ms Preflight 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.lemonpi.io/a/778/c/9425/content/21340-79723?impression-id=9fe1486d-fb2f-4e7c-a753-dd5aedbf7c7f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload

POST
H/1.1 200
OK 21340-79723 Show response
content.lemonpi.io/a/778/c/9425/content/ Frame 7C80 8 KB
9 KB 72ms
72ms XHR
application/json 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.lemonpi.io/a/778/c/9425/content/21340-79723?impression-id=6e5b96b3-e0b8-4d83-aeaf-ccd4857ab748

Requested by

Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

256a3afc8f64b7342e11eb224706b7d896d55994804576b7138054a603d43157

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 804af020aca34d8c90dd1dd5143e0b7e
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 8604

OPTIONS
H/1.1 204
No Content 21340-79723
content.lemonpi.io/a/778/c/9425/content/ Frame 0
0 172ms
57ms Preflight 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.lemonpi.io/a/778/c/9425/content/21340-79723?impression-id=6e5b96b3-e0b8-4d83-aeaf-ccd4857ab748

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 07:05:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DDE 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 19:18:41 GMT
expires: Fri, 04 Oct 2024 19:18:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F59 829 B
999 B 50ms
49ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6973efb8df23c98969b0c8b8d55ba544e02faf7bf70854385af3a4856e86c256

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H4JuEJGntYw6U2R0ohPNOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alkoora.livehd72.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H4JuEJGntYw6U2R0ohPNOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:05:15 GMT
expires: Fri, 06 Oct 2023 07:05:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DDE 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 16:41:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F59 0
0 74ms
74ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=3374131933877549&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

POST
H/1.1 200
OK log Show response
log.lemonpi.io/ Frame 7C80 2 B
251 B 196ms
57ms XHR
text/plain 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.lemonpi.io/log
Requested by: Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-50-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Fri, 06 Oct 2023 07:05:16 GMT
Connection: keep-alive
access-control-allow-headers: Content-Type
Content-Length: 2
access-control-allow-methods: POST,GET,OPTIONS
Content-Type: text/plain

GET
H/1.1 200
OK event
content.lemonpi.io/track/ Frame 7C80 47 B
569 B 61ms
61ms Image
image/gif 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lemonpi.io/track/event?e=%7B%22content%22%3A%7B%22source%22%3A%22lemonpi%22%7D%2C%22version%22%3A2%2C%22type%22%3A%22impression%22%2C%22schema%22%3A%22adset-creative%22%2C%22impression-id%22%3A%226e5b96b3-e0b8-4d83-aeaf-ccd4857ab748%22%2C%22adset-id%22%3A21340%2C%22creative-id%22%3A20264%2C%22advertiser-id%22%3A778%2C%22creative-revision-id%22%3A79723%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7813226abb8a96b43c775baa0c109186ec8b6e723789ada7aaa43346596b6450

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Content-Type: image/gif
access-control-allow-origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 7d249c1ad7d4487e9bd861aa065d4e8c
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 47

POST
H/1.1 200
OK log Show response
log.lemonpi.io/ Frame 9848 2 B
251 B 181ms
58ms XHR
text/plain 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.lemonpi.io/log
Requested by: Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-50-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Fri, 06 Oct 2023 07:05:16 GMT
Connection: keep-alive
access-control-allow-headers: Content-Type
Content-Length: 2
access-control-allow-methods: POST,GET,OPTIONS
Content-Type: text/plain

GET
H/1.1 200
OK event
content.lemonpi.io/track/ Frame 9848 47 B
569 B 60ms
60ms Image
image/gif 52.209.50.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.lemonpi.io/track/event?e=%7B%22content%22%3A%7B%22source%22%3A%22lemonpi%22%7D%2C%22version%22%3A2%2C%22type%22%3A%22impression%22%2C%22schema%22%3A%22adset-creative%22%2C%22impression-id%22%3A%229fe1486d-fb2f-4e7c-a753-dd5aedbf7c7f%22%2C%22adset-id%22%3A21340%2C%22creative-id%22%3A20264%2C%22advertiser-id%22%3A778%2C%22creative-revision-id%22%3A79723%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.209.50.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-50-140.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7813226abb8a96b43c775baa0c109186ec8b6e723789ada7aaa43346596b6450

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 07:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Content-Type: image/gif
access-control-allow-origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 2844ea1f484b49e9939e8364e5688a6f
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Content-Length: 47

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4DDE 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R40uOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 f0ed1ccc69f80cd24ed7d9ee08206f63.png
assets.lemonpi.io/a/778/ Frame 7C80 1 KB
1 KB 161ms
40ms Image
image/png 2600:9000:2491:a400:f:7bbd:36c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.lemonpi.io/a/778/f0ed1ccc69f80cd24ed7d9ee08206f63.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a400:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db1a5ad3265c2151c414de33833c4c08c3e147bceff6ded376154dd18695d568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:35:43 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 19:30:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1774
etag: "522162d1eb060c9752b6c0e0056b8168-1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1162
x-amz-cf-id: o78XiuL0C0HwvAaWJ-If7U4eHaPVIxlEEHzH9BVU63JESEQ0TYdb8Q==

GET
H2 200 843f0d1bee0d55dd5f29bb2af285cca8.svg
assets.lemonpi.io/a/778/ Frame 7C80 2 KB
2 KB 162ms
41ms Image
image/svg+xml 2600:9000:2491:a400:f:7bbd:36c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.lemonpi.io/a/778/843f0d1bee0d55dd5f29bb2af285cca8.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a400:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c141cf3bdf6a65b630c6b85f1eb667795a6d5cafd772e212669d5036950303c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:20:41 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jan 2022 13:57:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2676
etag: "7c9ba9ea3bb0d9ca6e8389ed336ca171-1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1988
x-amz-cf-id: byEpFWM-wLsFFPyXjFQxmC6fHuUXtGD83nnod8dkoUvayngpOu7syQ==

GET
H2 200 6e14382d7a69bda11bdb8fb429f69da8.svg
assets.lemonpi.io/a/778/ Frame 7C80 799 B
1 KB 161ms
41ms Image
image/svg+xml 2600:9000:2491:a400:f:7bbd:36c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.lemonpi.io/a/778/6e14382d7a69bda11bdb8fb429f69da8.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a400:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a63f4ccc751a27463771ab83eb79f1fd3b132d7b2d44fe30ade30ba349fa6fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:52:40 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:41:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 757
etag: "6260b152e304d24c3c75bece824721c2-1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 799
x-amz-cf-id: EokcewiTwMy3USguYqhC62cTRvrX3RkksJ0fp9V2xiq7SSJR1_MgPA==

GET
H2 200 33a8928d7a34e3348033c6f19551e620.png
image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/ Frame 7C80 459 KB
460 KB 168ms
47ms Image
image/png 2600:9000:2156:3c00:1:5992:c8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/33a8928d7a34e3348033c6f19551e620.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3c00:1:5992:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f2d50cd54e3f1fc05e0327433a48fb6ff8bd0a9481770dd3e8b40055bafafa10

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:19:56 GMT
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 67520
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 469621
x-amz-cf-id: zilK-hk_7R-1skoSWiAK3SbJ9oG8UK6BgYwWeoY0kpJNSq1taRBTjw==

GET
H2 200 c8470a08513dd443da1c35ea707a40f9.png
image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/ Frame 7C80 1 MB
1 MB 322ms
201ms Image
image/png 2600:9000:2156:3c00:1:5992:c8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/c8470a08513dd443da1c35ea707a40f9.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3c00:1:5992:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa8ac2675ca53f20fbad4ff0edf1a37e68e2db9ef2540fc6e8157b8f58784e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:19:51 GMT
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 67525
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 1078315
x-amz-cf-id: E5r-wdsoXNUhQhl0iiYqId-yqGAPVY8TEoTqBriheROBmwDLAO-Mkg==

GET
H2 200 4b1d295d0b54666480f37915f24784fe.png
image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/ Frame 7C80 584 KB
585 KB 364ms
244ms Image
image/png 2600:9000:2156:3c00:1:5992:c8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/4b1d295d0b54666480f37915f24784fe.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3c00:1:5992:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c8df915937870a885aa429704ba3364ef054b5e3889e426c6fd88284547134a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:19:54 GMT
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 67522
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 597983
x-amz-cf-id: szhhiM9RIshyTOYNLNdBhg70n210WtL-fRY50V1ciJuzghcGytVT6Q==

GET
H2 200 NotoIKEALatin-Regular.ttf
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 7C80 171 KB
93 KB 163ms
81ms Font
application/x-font-ttf 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/NotoIKEALatin-Regular.ttf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 67eb28be55f2a6d2f26cf9499a67bce4ae5694e949302d661156b6cdd811427a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx00000449472d5c9adbf27-00650cbd9a-32959e94-default
etag: W/"12a81d5b229338d1d753a89fdd1b9a00"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 NotoIKEALatin-Bold.ttf
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 7C80 171 KB
92 KB 238ms
156ms Font
application/x-font-ttf 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/NotoIKEALatin-Bold.ttf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5d60a0df5f826661c9122403127162e9478c9dea4cd6976e2e2970df3da0ea9b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx0000082d3846b0de959aa-00650cbd9a-3295cc06-default
etag: W/"3addc63d36dc77f1398ad784b37ed773"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 f0ed1ccc69f80cd24ed7d9ee08206f63.png
assets.lemonpi.io/a/778/ Frame 9848 1 KB
1 KB 148ms
42ms Image
image/png 2600:9000:2491:a400:f:7bbd:36c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.lemonpi.io/a/778/f0ed1ccc69f80cd24ed7d9ee08206f63.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a400:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db1a5ad3265c2151c414de33833c4c08c3e147bceff6ded376154dd18695d568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:35:43 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 19:30:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1774
etag: "522162d1eb060c9752b6c0e0056b8168-1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1162
x-amz-cf-id: pta7rq49-PMj97SLUFPXK_nA5siBxmnuVqyGs7_iIpV4UGJ1zSjjQQ==

GET
H2 200 843f0d1bee0d55dd5f29bb2af285cca8.svg
assets.lemonpi.io/a/778/ Frame 9848 2 KB
2 KB 150ms
44ms Image
image/svg+xml 2600:9000:2491:a400:f:7bbd:36c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.lemonpi.io/a/778/843f0d1bee0d55dd5f29bb2af285cca8.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a400:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c141cf3bdf6a65b630c6b85f1eb667795a6d5cafd772e212669d5036950303c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:20:41 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jan 2022 13:57:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2676
etag: "7c9ba9ea3bb0d9ca6e8389ed336ca171-1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1988
x-amz-cf-id: gqq-wX33k2vqS8AeG00Y3jsXJzU6tSdp1nhdJ_HsxGu8QqMYA_nGJw==

GET
H2 200 6e14382d7a69bda11bdb8fb429f69da8.svg
assets.lemonpi.io/a/778/ Frame 9848 799 B
1 KB 149ms
43ms Image
image/svg+xml 2600:9000:2491:a400:f:7bbd:36c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.lemonpi.io/a/778/6e14382d7a69bda11bdb8fb429f69da8.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a400:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a63f4ccc751a27463771ab83eb79f1fd3b132d7b2d44fe30ade30ba349fa6fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:52:40 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:41:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 757
etag: "6260b152e304d24c3c75bece824721c2-1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 799
x-amz-cf-id: PN6N9eiBu9_CQXFpCEoc3KbnMKo08X_xPxafuwPzJ1sPeGY7IaU5nQ==

GET
H2 200 33a8928d7a34e3348033c6f19551e620.png
image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/ Frame 9848 459 KB
460 KB 350ms
244ms Image
image/png 2600:9000:2156:3c00:1:5992:c8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/33a8928d7a34e3348033c6f19551e620.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3c00:1:5992:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f2d50cd54e3f1fc05e0327433a48fb6ff8bd0a9481770dd3e8b40055bafafa10

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:19:56 GMT
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 67520
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 469621
x-amz-cf-id: o1S5sQ4byhAbxE5zzQHex2L3EpgT7u6EJXUbxvKfiF1XUAvIZ6SZqA==

GET
H2 200 c8470a08513dd443da1c35ea707a40f9.png
image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/ Frame 9848 1 MB
1 MB 350ms
244ms Image
image/png 2600:9000:2156:3c00:1:5992:c8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/c8470a08513dd443da1c35ea707a40f9.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3c00:1:5992:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa8ac2675ca53f20fbad4ff0edf1a37e68e2db9ef2540fc6e8157b8f58784e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:19:51 GMT
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 67525
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 1078315
x-amz-cf-id: ism0Q9rWccs7_ZQ6QTVE-psg_vGxkvLA3KrjB4FRcZrHOgj43r55mA==

GET
H2 200 4b1d295d0b54666480f37915f24784fe.png
image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/ Frame 9848 584 KB
585 KB 350ms
244ms Image
image/png 2600:9000:2156:3c00:1:5992:c8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.lemonpi.io/img/https://res.cloudinary.com/ghg/image/fetch/q_80/e_trim/https://assets.lemonpi.io/a/778/4b1d295d0b54666480f37915f24784fe.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3c00:1:5992:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c8df915937870a885aa429704ba3364ef054b5e3889e426c6fd88284547134a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:19:54 GMT
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 67522
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 597983
x-amz-cf-id: RLeAGwkYFFKJwuO7hHWwOaxaAXQGKEHCDkrIyO2psP5MEEi9aLYYIQ==

GET
H2 200 NotoIKEALatin-Regular.ttf
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 9848 171 KB
93 KB 277ms
210ms Font
application/x-font-ttf 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/NotoIKEALatin-Regular.ttf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 67eb28be55f2a6d2f26cf9499a67bce4ae5694e949302d661156b6cdd811427a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx00000449472d5c9adbf27-00650cbd9a-32959e94-default
etag: W/"12a81d5b229338d1d753a89fdd1b9a00"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 NotoIKEALatin-Bold.ttf
s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/ Frame 9848 171 KB
92 KB 256ms
189ms Font
application/x-font-ttf 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2006433/13489147/bvpath_258/NotoIKEALatin-Bold.ttf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5d60a0df5f826661c9122403127162e9478c9dea4cd6976e2e2970df3da0ea9b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:05:15 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 16:17:18 GMT
server: nginx
x-amz-request-id: tx0000082d3846b0de959aa-00650cbd9a-3295cc06-default
etag: W/"3addc63d36dc77f1398ad784b37ed773"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4777 0
20 B 77ms
76ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4868519466950&version=m202309260101&ct=77&x=1&cor=7742641909078650000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 525B 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9387845979018&version=m202309260101&ct=77&x=1&cor=5956452578747817000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4777 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAUIyVt3E66GBWTpuLJqu5atOjd4XiyDgzofKNEudXPbrJYjbsyVog5sx8p-ylzDW38sitKnfJj9n8hhmBXwuIpc8NQkka4jc2d4GQK7ugzR1JSKI2UlpSUT-ImA-9gyL4jWfNaBOVH1v9&sai=AMfl-YSnGLXFt0anrfnlR0r3Gji4di64OG4gOtwvgYOAKlyhwMFkfRdaqu9ECS__mocsz9qJJzMtQtM0U7AU2nSK9CD1gfLRuLKgPjkBkG2lhMPuIUJAHGeKXL1ZyGqw2KLw_T-N7fj6gnnejCaO&sig=Cg0ArKJSzH5aPWWnvcfyEAE&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&id=lidar2&mcvt=1000&p=0,0,604,120&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696575913964&rpt=673&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 525B 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQcUrPw5EndrE5GzhxMguF4l0x41zf_cmBEJLy4Y482BqT9vwe0L9_he376u20ow6s8Fbwy9GO10zsrrna2YqysnEX2j764Dg0Pbh64JwV7X_zvdaDwrenDd5N-VYhqgUrFLMetP0UBdg_&sai=AMfl-YTiOkGJ5vFQzowhFqe6Q2HA9FsC0tRQu8bQY8lGIegMYktRfS0AWhPPal0V_Prqx7ZqrbVvnW6fu2_2JKZuRBnSqCwT4YpPV06ZSprzgGPDgFxzV9eCR0EksOJci9MYhcvL5iQpGevslI_E&sig=Cg0ArKJSzCFRnd-Sr5R6EAE&cid=CAQSSwDICaaN_oGpCks_KtmRQjHZztf30SiW6GlT61J4PIoW76r2khMdVI5T78adi44nsFkRnUw-a0GNIEr5q-_NBK1Lb7U05J6Y6toUqRgB&id=lidar2&mcvt=1001&p=0,0,604,120&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696575913990&rpt=706&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CE5 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswsFBSTt4P5aR1vy0Rb6M49SlSekf7VQ5UI6RyRZuQjJX0-j41QEp9n2siadM7QqWYAb02VdU7EfvfnvgOxqbFaOGpNVxRwTOdudxS9E8XTKjfrOIE2xnqX7RM6s_Ep8FG7Z5tcAuFXiZA&sai=AMfl-YSuuV3PI2X_YueLdWXNkFQaTcI3iLUm2z3ebzwalDfildeS9bpNGeY-EsySonrYV0MZccZGuZ7WHnw9Kd6_sSE4mb1GM-_lebokCpaLB4doq6CGhO1A5Hh-yKliYunsj6z01fOA3ltIlNOO&sig=Cg0ArKJSzA0o-3_fVOUJEAE&cid=CAQSSwDICaaNG1TQjeNWV1PVuai-kmwAx5dI5x_nSsf3fqzeV-N0ASzysDfziv9LbHaot2GmBX3V2v6BB3ZSrfywiVVaAc-Euv5gLJCkzBgB&id=lidar2&mcvt=1001&p=0,0,254,300&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2789970875&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696575912955&rpt=2167&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8945 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9511983248263&version=m202309260101&ct=76&x=1&cor=10163009356579801000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=3374131933877549&bg=!f3ylfDPNAAbjlzx0w5c7ADQBe5WfODBBjdwYyRbz624ay8VWX39aW_alLOagyE3Vn-gf1IMTeY95qZ01JWAIFKVcBzTyAgAAAHtSAAAABmgBBwoApTE0ALAwvmF4DWUJnYYAQw4Qxzx9cdWcUbMZQ9oBAsmEB7xr988Ny98RxQJGLwBUACYRmL9L5hgJVwyG-lx9fuB0pNlUEWRCOaVPWQYjnsC0T3KUuv4pU_C0cUSViEUSkwBDQpd9sVQhf2jnNcyIbfkrQttLGlkr2CGbRbxARP5e6Om2ukQagAKi17vRA-C01ygzFy2RYBycfYAccahShUCzhKygbpkCx-PwWbwE8i-j55E6gXrgecgvaQS3vzU3-D-2nT7eB6UjLGXrZPsaEbccZ-Bz24mOJ3iDluT--GNAIyHSAisM7rf2oukTq9NFoT4ElkauTrQfwuL4NrHKe87LvQUUVTwpF99BjdM4DHVDJ84cH_pYvUOuOAhDiR6R6sqR7JJvRelHmzb8BlNvhs78CU1nrHbAPdhXlse4_OxWcy-PUoxyncJgQLoxZxaxCJ4oH49bu4Nl-1-8a09Y0PP6xpkxK85L_qJdipyn0cJGkxR-MHSe70ptl8_gXqkVrJNGZYphh4dhpz3tXqg_TPNXEVQvE6MzKROMni9xrfRL7zp9vEvUsBzZM9ohG6WP_Znl7s4IK7GJSZqtYkOP1syXzaNRnJwfnK2bdVL-ZH4C-cMpNZhYBbOxUzxLJ0hKcC4jdnCpzzeNHKjudHK0yNqFBgGh_pgMyZ5ETateHCkLgcgADTNOAGQhkTzzwWbB68h3OD7BtbJ4Pit-CuzQ-ddoPb5kqLOZsIrEQLVve0zrWSjtCoZawcfC9P2u-XfKU08U3hBhATXYGpF9KcJVMT3HuAXRM-Jp_14oHGkDUlHWnJEVWOycJtwkC_xa0Im6LD2lzWhCX4fJ8Uk1vVnPlDh71o5hVwH2DLid8hZelXEOGxvRUm2X-CObb5vTrAHs-vmEcmSHIkyJrcFXcHNOREAmXigiuZXWbGT0xyVipEN8BYOp9CiPOETUE-gZF8L2-nGAtMJRiZGWgI6Mk6W7YEMyuUmLcvoEM3Rvlc3kkUNlR8TbZ0EmBb0t3YmJ97mCZDJtLdtftRgFJz0CAC84GlGzWOqfIFziZEkBTC7Kf3fEyFnlcy-MMNen1kRT6w94JgCkxL9x02cP14bHP-Zh1RedCHA6Z5dEmFA-IXDwO61y_FmQRns5tkU1iZRvD4kDf0igBMqRo2k44aah6R1RaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alkoora.livehd72.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CE5 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6186645077026&version=m202309260101&ct=76&x=1&cor=1470300312021244200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 4777 35 B
600 B 39ms
39ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7495719497330081668@@67645895,6127185841834624465,100|1100|0|0|0|0|0|0|0||41|1|||0||1|0|0|KozPUtim1bVcPlakbYq96YP_cAOceBXicFoeBpfsofkKTtS8uJ2ACPL_QlhaeLlf0|||11||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 525B 35 B
591 B 40ms
39ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4077343675203892840@@67645895,4448698688964046809,100|1100|0|0|0|0|0|0|0||41|1|||0||1|0|0|KozPUtim1bVcPlakbYq96XaWhAq_ntkQuW5X5dOtvcfVbSpFk02VrPL_QlhaeLlf0|||11||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE5 43 B
215 B 188ms
188ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=627b650f-c059-5cf9-c2a6-5b1b1d908ec7&tv=%7Bc:qfuhSN,pingTime:1,time:2502,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1501%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1500,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1494~0,0~100%5D,as:%5B1494~300.250%5D%7D%7D,%7Bsl:i,t:1500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:189,fm:tRT5DBk+11%7C12%7C131%7C141%7C15*.1135760-69474498%7C151%7C1611%7C1711%7C17121%7C1811%7C18121%7C191.1474271-71242846%7C1911%7C1912%7C19131,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:22,sis:227%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:17 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CE5 43 B
215 B 187ms
187ms Image
image/gif 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=627b650f-c059-5cf9-c2a6-5b1b1d908ec7&tv=%7Bc:qfuhSN,pingTime:1,time:2502,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1501%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1500,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1494~0,0~100%5D,as:%5B1494~300.250%5D%7D%7D,%7Bsl:i,t:1500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:189,fm:tRT5DBk+11%7C12%7C131%7C141%7C15*.1135760-69474498%7C151%7C1611%7C1711%7C17121%7C1811%7C18121%7C191.1474271-71242846%7C1911%7C1912%7C19131,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:22,sis:227%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:dd90:d3ef:9f10:1c0d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 07:05:17 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livehd72.live/	1970-01-21 00:52:15	Name: _ga_JSE7HX578Y Value: GS1.1.1696575912.1.0.1696575912.0.0.0
.livehd72.live/	1970-01-21 00:52:15	Name: _ga_78G87YLVGW Value: GS1.1.1696575912.1.0.1696575912.60.0.0
.livehd72.live/	1970-01-21 00:52:15	Name: _ga Value: GA1.2.31718114.1696575912
.livehd72.live/	1970-01-20 15:17:42	Name: _gid Value: GA1.2.121602020.1696575913
.livehd72.live/	1970-01-20 15:16:15	Name: _gat_gtag_UA_34099957_2 Value: 1
.livehd72.live/	1970-01-21 00:37:51	Name: __gads Value: ID=1a16de6c39c45e8a:T=1696575912:RT=1696575912:S=ALNI_MYMQ3A2osWZHrR-Wn260OlNfzeS_Q
.livehd72.live/	1970-01-21 00:37:51	Name: __gpi Value: UID=00000c8f7c9cb653:T=1696575912:RT=1696575912:S=ALNI_MYFfhBMl9JixjSsRkXIBnKEDz5yog
.doubleclick.net/	1970-01-21 00:37:51	Name: IDE Value: AHWqTUnHe02szwyv7Ba0G_TN6IpBU0Z057Fwyr_Z4RxTOBKYEtDDoglAHMoSHkMBCS0
.adform.net/	1970-01-20 16:00:57	Name: C Value: 1
.doubleclick.net/	1970-01-20 19:35:27	Name: APC Value: AfxxVi5SeZnlUS4-1CTETu9mwQ1hew5L8ul94_9uM5rnvtfdhV3ljw
.casalemedia.com/	1970-01-21 00:01:51	Name: CMID Value: ZR.xqmcgXYsW1xODJOAKYwAA
.casalemedia.com/	1970-01-20 17:25:51	Name: CMPS Value: 3200
.casalemedia.com/	1970-01-20 17:25:51	Name: CMPRO Value: 3200
.adnxs.com/	1970-01-20 17:25:51	Name: uuid2 Value: 4644537235283665855
.adnxs.com/	1970-01-20 17:25:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?bkadXP!]tbPl1M>e)ZlrFUfJ+tGXxpSKz>$.OWUYVY8-[HN$'V?8z-<uQ<916x(UCv3If)y3KL9D3I?+sO/9qX
.googleadservices.com/	1970-01-20 17:25:51	Name: ar_debug Value: 1
.adform.net/	1970-01-20 16:42:43	Name: uid Value: 4077343675203892840
.adform.net/	1970-01-20 15:26:20	Name: TPC Value: 1696575914579
.krxd.net/	1970-01-20 19:35:27	Name: _kuid_ Value: P1pr_v8D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=2294010360&adk=3972443666&adf=3315005860&pi=t.ma~as.2294010360&w=1200&fwrn=4&fwrnh=100&lmt=1696568712&rafmt=1&format=1200x280&url=https%3A%2F%2Falkoora.livehd72.live%2Fm%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696575912495&bpp=1&bdt=685&idt=438&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=335913105674&frm=20&pv=1&ga_vid=31718114.1696575912&ga_sid=1696575913&ga_hid=640100102&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076838%2C31078631%2C44804180&oid=2&pvsid=3374131933877549&tmod=621009470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=5&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WUZ94tHKdB&p=https%3A//alkoora.livehd72.live&dtd=443 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
alkoora.livehd72.live
alkora.livehd72.live
assets.lemonpi.io
beacon.krxd.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
content.lemonpi.io
creative-libraries.lemonpi.io
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
ib.adnxs.com
image.lemonpi.io
imageproxy.eu.criteo.net
kora.livehd72.live
live.livehd7.cc
livehd7.cc
log.lemonpi.io
m.livehd72.live
m.livehd77.cc
pagead2.googlesyndication.com
partner.googleadservices.com
play.livehd72.live
region1.analytics.google.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s1.adform.net
secure-gl.imrworldwide.com
star.livehd72.live
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
track.adform.net
us-u.openx.net
w.livehd7.cc
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.102.35.84
104.18.27.193
142.250.181.226
142.250.185.130
178.250.1.6
2001:4860:4802:34::36
2600:1f13:800:7781:dd90:d3ef:9f10:1c0d
2600:9000:2156:3c00:1:5992:c8c0:93a1
2600:9000:21f3:0:8:48e:53c0:93a1
2600:9000:21f3:200:1e:a43d:b640:93a1
2600:9000:2250:8200:5:98ca:e7c0:93a1
2600:9000:2491:a400:f:7bbd:36c0:93a1
2606:4700:20::681a:702
2606:4700:20::ac43:46b6
2606:4700::6811:180e
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:830::2001
2a00:1450:400c:c1d::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::c
2a06:98c1:3120::3
2a06:98c1:3121::3
2a06:98c1:3121::9
35.244.159.8
37.157.3.26
37.157.6.236
37.252.171.85
52.209.50.140
63.32.14.94
63.33.100.143
0008ec363714aa285af5081471504f1d1781bcf042af6593301150cc319cbbab
0021875aecf433f9983377018f961ec321d6ab991778e0ff86d8d9d4d3f997fc
0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b
019dd03793f889ae3772fd1c365e8dd8917b0b0d9f96445ddaca1f0f141e663e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03222c25f7d8457bea5f3310a6e3e7f8c23bcb07bf11d0f291acfde290e249d6
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0504a3bc414b1e7256cbb5792cced840009e2e5ec6fb3aa61d70eea4d674e15c
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09a55cf1b58dba49abbedef8a36b5d911f890391e10328cd4e0f8e9c2c024fe1
0aebb3b43134cc24e993d0613fc7067fb9dada75e99a47f365fa6e6409dd465b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
12343eba76cae886e2a62c650c22c22204a0b768426331253e6a5cd81d748a93
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a370f2b8dabca80528bb4445d21d76e226558f9179029ede8cbea865fdd67d
14b5819f087cea4d77d69162f0b36c910b87d07ea127ba494d9dcc46c9602eec
159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff
1650825e6c38ca16c41288baebb0888dea037490617c85108071796ac9b13acf
184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f
187936dbcd2d140b6e6accba8159082bdb2da348900dd3a462acd0ffc0e7ec86
1a2580e5b80634bb81a7a719263b45a8338d82662f5b03d4643e1570b9e1aa8f
1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
1e76b6bbe3a0a21a9cf3ea057fdbbeeeb9b682427a60c65ceb6ae75c91989e9f
1f84f4f8c0c4080b3dd0e1d4c498dfe4a6af20cde44ae4c462f997727f5b73ac
21a2e43f8b361a30e49c85f73588446d42fc845bdbd990da17648ab1917063d6
256a3afc8f64b7342e11eb224706b7d896d55994804576b7138054a603d43157
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2790db0ea910b3d1c053f6b304ba8e70aec94d9323453bd3ae0920a032feaa8d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
302f244e54d9b93029a8583137493d2844dbd3550ca059dc086c364982ba1313
3097ee88bac26e9a269959817df09c02ba2a1ed452a07830c5318d57870ad8ce
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
3209947ef5d4b55b88a7e0d39ab85696dc6703ac784b476abc58c7b28463d79e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37a83da938b5d2f5fde7eec2b492f2c21ab5f689e41485cd8b42251fd8c8c9a9
37e8c7fe78ccf2c2d3766c50c68da1c53f17462ecad1d0d29477707413d6730f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e436c2dcf1165119242ff0a90b60883a2cc1a5a46269bddd102eeeb95bb8768
3f6a791b59aa71a798884cd452b38c37db49485d7c090a9cbae940a49889cef0
405a6fe253c1ffdc3838e0994e01da877d806ec4cd52dba4fb7f4089cde971af
40d3b06f1d09138054ee8a96f8b085b13f68d88beac0fef2f46b90016fcac9fd
416f2f546fbcedef016bf7f70db2539f9e0b23500ab7d1a7788ec9913038635c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b4e82e981b137b4638ceb39afe7a92ca874163110d829cf8d07d0fc81100d3
44e764aa230cc90d428441144faed7de79140185a08f306e9d46fc3b5708dc40
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4541068197d1c1139b529987b03db202070cd3df77a20ebde2edeb6e96d83144
4929e50e6b4549dfd2eeaa74acbb7d399334b1ec608b34aafc44a07435cea085
4b32776df2edf8a7b022cefd96b6e5de809d8fc92e98b53c56fee19dd8e664fc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc1abd90f8157ac4f56124a0451b6c5efc460a8cb974935023f054bb9aa166a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
518ef8c9b9137f85564014f334cb05d0093bc0fe9964cf6dead59010bffd25af
5235011a320038991ae0e2bd29ae6930863a4dc44095f9f1049fe7d822806053
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5428e1ea7dbf51a0f714aa4f3ff7323b06933dc9dae33cef4aed50cb2ae11346
55832ab2fcd87f64646899500bc87f11021c32c4ebf2d5fb654337872ffe22dd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fd96e45dd49f496a619f9eab6fa4b877a41a1bbe6c749f5d4cf4be40b17c89
573946063a72b37c017ea096a691816605f9f6c9aa7cd38fc31f9c4b5e777bc0
58486c58ff9ff1ff2068b0521eb577462905a27d264b6b41d6238085a6c9e463
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d60a0df5f826661c9122403127162e9478c9dea4cd6976e2e2970df3da0ea9b
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
654ae90a0c6574b479192d49d22ab7f296c38286e41727c8ac412b2a4fae9d54
65fb32591cdc41235d6917b617f4e8c85a01f84e15d4d50ec6c5494564ac8f4f
67cbfa412469ad1d694e0cddeabc58217980c00ffc983ccdc482f8410d59c49b
67eb28be55f2a6d2f26cf9499a67bce4ae5694e949302d661156b6cdd811427a
693b8f1e0afe716bdf62eb9f1c045c86527264daf3461e4e91a634a3a9654b97
6973efb8df23c98969b0c8b8d55ba544e02faf7bf70854385af3a4856e86c256
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
723ac4031f9dd9aca8693222b53207f84901329424b6d48734dd320306052fd4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
76fe3b76578aa5cc44c354cc49f0ff254eb8a8f58ac61ad31690418773d53417
7716b8d734dc6a595d6dc61f535dd2b18a9a671a824488d1d73c804b8e470b3c
7813226abb8a96b43c775baa0c109186ec8b6e723789ada7aaa43346596b6450
797b90342d8b11e76549f01295bd22ed1cc2e36f40472399bb42bce6a50c320b
79c08415efc9f89939d231ac1188331265f8e6609c395500f38d286efbc06e5d
7a96128f7b3077550ab2a0571d771dc939239f8973bd34c289c7573b1e59b47e
7ad2a0944965e2cc0979d5fab177f9d157a4d111221aa7e02376d135aa557783
7f6f9cf957275105792c25170850c0e172aef14a2ee07b4ffb029892f4b70d49
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
825a359f8c3c90bde0762469d2dd96cb2daf33f0a8840a3a7b81ffc06fa6b323
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858d2b89ad7f7c840ccc565cbcfb6af1afad41cbe28c76b96c53b774e5b44593
86b47584b4bec77d09cccb9299b6416159f386f10b805eb4ff377077dd97c574
87a47fa8d5712208e2ab439d0fe8e1145ce71571ca702499ab1c7c7b5fa6eb1e
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8952c4fa3d17c07083624e544f615118d869baac6db6ac731e6a9f7905a09908
89538cc8ff33b3fd2fba7398d0874447ae46cc56828735a5a285d48849a21d86
8c70c1d037a9253c679129be440bbb47724d615716c80cac4d070963218800cf
8ddcb6c884fa07f3c6e8eb476a17a3c8afea2f000765b31b1a569b85db8e77c4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
95c9804856307a239e1673990c74428320498a2fa411767747d5916b308d0857
96891605102d9fa142070c4eafaa951822ace0eb231eb51c4bb0809817ea7a4b
9b4f6678c21e7d156c5198de7facb999bcc44dfa3cf032f510582e82f060b747
9e6133522c02619bdbd511938bc4c9f30212d3ed13be722f94f8fc51563e4380
9fb4cab23297a8472724d8cf2b9433c707ae1c5ec2ecae915eda0d6c7f89bd40
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff965117345941d5e43920e9f0a2e1629afb818fb2dcfe574e072b1d50352d4
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2ad721f9785870e5b2376493c295cd256eafcccda329bdf717363b9974838c1
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a63f4ccc751a27463771ab83eb79f1fd3b132d7b2d44fe30ade30ba349fa6fdb
a649d511a66be9f62d7bf8ad58cd9f615b86d7b2b8c9bf54a3135bc5e569c497
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
aa8ac2675ca53f20fbad4ff0edf1a37e68e2db9ef2540fc6e8157b8f58784e65
aab315dd2a1f25ee22e8d37deebd23957ebd5a510b28114646b886d7ba5099d3
ab24c84ddbc6ed75af647be619fc664fb9645362861859496d01f555ca3d77cc
abbb00f7215c521373302000f35093a59ed322598b7a7e8658f203ffd1ab6af7
abe4b3eafda7f9ab6cac6d9f8b988bb9899dfdacd65514b41bd6c72c490e6099
ad1ce966c974313970e63188acb96723fc1e43379d797b33240cf8f5f4427c74
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a6221c49a2071980f51c3fb467a1f0f62372f09ebfff3cd0be58de9280e640
b7c683ee2dce4490cd4c3adeba2c8b14d6e834ac083dfcd0114ef19e710ccac5
bc567c997abd62a245f8a83d82f6ecb6da56f7e40d814e8db2d1ed096228c674
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed
c141cf3bdf6a65b630c6b85f1eb667795a6d5cafd772e212669d5036950303c7
c8df915937870a885aa429704ba3364ef054b5e3889e426c6fd88284547134a0
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
caad3a8002967f41af4aef5e8a2884761e9b0527e7e72353cda819b34e162584
cb6b65d3d4934da9190378e1006177eda35227dc8445bc3492172ec352e61df0
cf6335db25e2be5d4177c35df8fc23434b617227d12f5a17083bcad0b074ac00
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d71d89e118a62f2622e316948c886b823c66ed5d51cf21a6ce5bed13bc9d335f
db1a5ad3265c2151c414de33833c4c08c3e147bceff6ded376154dd18695d568
db71b25aca02b56a09fa6d4d64844ce86693757227739aa518dac34b5eb95684
db7961aa3124a18053f14804ba1e5c4aff688758a575cf3716befe1e929e2249
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4da33b195ae3ae4ee56ee1d9a0d3104c5d1614502781f743e1dfc9f52ea5ea
df6adc68872560dbf2284e55cbc8782c6c82791abbab52b884e37576b2d8b887
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1ecc87894306d2daf7128a6f6231d9826456b7482555fcb7e17ccf6b7404b50
e346fec685e75c2827eb3f21c6457399cdc89cba79168ac53da4bcdea989751b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8
e5e94f821e73b752d49ca2754a6718083e742e7939abf817decf678a37311d8e
e6507c0ad2d8f6a6d6964a6d0b4f99876b08ba71d7d3ed65153387576b921f04
e84bd58a8f82804de2b408f8523e3a06a03e348e5def8767a9c976a6cc4daadc
e94fdec09288ba9dcf0e6b13f531c4a4fd9d65929f347d512460ce0fd6c9cfa5
ea437da88136fe2eba4fcb307640131584cc8fc3fdaf98a625f1e054aee9395c
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebc6accc9bee53144f96190c4162533cd4f7da2b9476f88fb99b80d5752f5fe2
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11f1889264419cd5533c2c38f79984d7237fc4bb1917a845ad0beda86c95b1c
f2d50cd54e3f1fc05e0327433a48fb6ff8bd0a9481770dd3e8b40055bafafa10
f4ab61d7d93936e5f8c38dc7a83403ccc7fa45b7641e3606f09fee1bbff204b8
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f66fb2349895f5e02f3be4c30100206f7dcbe6f384c2287045e7b7fe50cb073b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8a4d33f7ea17080f8607fc96683732f94cac3a89d9f0a377d261eaf2ef31a0f
f9970385c171ebd202213484ef9a505e5b4a5748b4a7e2c74dd29637f91d75e1
fcc293e9a2b96c8c746e6994044ffebc2c87df86803b9c95db7be1530430dfef

alkoora.livehd72.live Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

312 Requests

91 %HTTPS

71 %IPv6

25 Domains

50 Subdomains

41 IPs

7 Countries

8396 kBTransfer

15182 kBSize

19 Cookies

7 Outgoing links

Page URL History

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

alkoora.livehd72.live Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

91 %
HTTPS

71 %
IPv6

25
Domains

50
Subdomains

41
IPs

7
Countries

8396 kB
Transfer

15182 kB
Size

19
Cookies

312 HTTP transactions
6 data transactions