koooralive.online Open in urlscan Pro
2606:4700:20::681a:910 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://koooralive.online/
Effective URL:
https://koooralive.online/
Submission Tags: falconsandbox
Submission: On November 03 via api (November 3rd 2022, 7:53:08 am UTC) from US — Scanned from DE

Summary HTTP 186 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 30 domains to perform 186 HTTP transactions. The main IP is 2606:4700:20::681a:910, located in United States and belongs to CLOUDFLARENET, US. The main domain is koooralive.online.
TLS certificate: Issued by E1 on September 16th 2022. Valid for: 3 months.

This is the only time koooralive.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:810	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:20:... 2606:4700:20::681a:910	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
16	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	52.28.86.14 52.28.86.14	16509 (AMAZON-02) (AMAZON-02)
9	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:2000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1 2	23.205.253.64 23.205.253.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2	3.10.106.59 3.10.106.59	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.102 13.224.189.102	16509 (AMAZON-02) (AMAZON-02)
2	3.10.60.133 3.10.60.133	16509 (AMAZON-02) (AMAZON-02)
186	43

1 2606:4700:20::681a:810 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

koooralive.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:20::681a:910 (United States)

ASN13335 (CLOUDFLARENET, US)

koooralive.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.86.14 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-86-14.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Glen Cove, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.253.64 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.10.106.59 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-106-59.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-102.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.10.60.133 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-60-133.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	390 KB
29	criteo.net static.criteo.net — Cisco Umbrella Rank: 782 pix.eu.criteo.net — Cisco Umbrella Rank: 5787 csm.eu.criteo.net — Cisco Umbrella Rank: 5892	410 KB
27	koooralive.online 1 redirects koooralive.online	255 KB
26	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 ad.doubleclick.net — Cisco Umbrella Rank: 208	138 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29046 ad4m.at — Cisco Umbrella Rank: 8843 assets.ad4m.at — Cisco Umbrella Rank: 38886	765 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	154 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10346 ads.eu.criteo.com — Cisco Umbrella Rank: 5761 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7537 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14340	95 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	281 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	1 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 922	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 16308 api.webgains.io — Cisco Umbrella Rank: 49444	31 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97 region1.google-analytics.com — Cisco Umbrella Rank: 2041	21 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 41842	50 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 17173	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	971 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 2255	485 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 989	927 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 107755 static-de.ad4mat.net — Cisco Umbrella Rank: 161777	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5594	914 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 96558	517 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2078	750 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 899	98 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1394	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 913	818 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	700 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	75 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
186	30

	Domain	Requested by
27	koooralive.online	1 redirects koooralive.online
24	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	static.criteo.net	ads.eu.criteo.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net koooralive.online
13	pagead2.googlesyndication.com	koooralive.online pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	pix.eu.criteo.net	ads.eu.criteo.com
9	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	www.awin1.com	1 redirects as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	koooralive.online www.google-analytics.com
1	analytics.webgains.io	track.webgains.com
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	id.rlcdn.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	prod-rtb.ad4mat.net	koooralive.online
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	koooralive.online
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
186	49

This site contains links to these domains. Also see Links.

Domain
albaadani.com
livehd7.co

Subject Issuer	Validity	Valid
*.koooralive.online E1	`2022-09-16` - `2022-12-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://koooralive.online/
Frame ID: BBF5935C4250FF9150E1A542AAC760A8
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: E918F5B6B58CFF374C0C6AC6F6F63BA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&adk=1812271804&adf=1573534164&lmt=1667461983&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkoooralive.online%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983238&bpp=6&bdt=367&idt=265&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2315458891532&frm=20&pv=2&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290
Frame ID: ECE3404A599D09E0F2C9A9B02B6B3C19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294
Frame ID: 88ECCA634987FDFB9FE41F4FF1DBD949
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=502529937&adf=1197125821&pi=t.ma~as.6624613281&w=1100&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983246&bpp=1&bdt=375&idt=299&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1947&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=y8Yf4f8mcm&p=https%3A//koooralive.online&dtd=308
Frame ID: 3FE6DC90CDE08FED0910FE6874921371
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2NzXwAKpQQDigBWAA5UzAicptnQSH_UKXk5sg&u=%7C7Uo7af6LqpCPABN9wOWbeoB%2B%2BuU%2B4fz3FaR%2BngfOx7Q%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5aheU7pvyLAKYezNkd_JqRvUu2W9pYhwCg3cjgYD93aqN85H_vuTOUgdf1Sd1B2mvqkvaqnF8Doaf4rMNhrS2vpx9-empMKFDy2_cugUsTGnwOt7l3rFyrC_Rh19w8sNoFdre1G_5QakoWPDMGBnkctLt0SA69JWpYBIXGfnv4Wc_fI2-uDT2Lcxu-3O-2-4JhcBI418MuSpZ00aBC2Vjp-ixARszyjvc7nal06TfhX6_289pCWSanXl7SkYtWuV6s29hoF3LBRv4ZF0PLBPNkRUGOwOYCIMwD5D-Wd6NP1myYLA19Okou3a9XH78F_UU3RHPfXmJUDTvFlkk1lf4INI7nTkt-lKumyNO2hnfdsgAZDjexL7jQ_tlyyXJJ7l40cnNPRhxSqYIRSvtYnoRdBea6koLj73l5dVCvugvcfXOPgIr8RJ1A3MBJ74Ktle_gUM8YEt2nOvPzxKe7853XZHNEyU6TpGqEEYJJ406M57KBr9Zn04u_5b8cteBVr6moOAVreHudI9zR9Ux9kRE5Z4tSBBqYfP_ElTyEGIxcrVzSMCKoizBGLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbcojX3NjY4TKKtaAqMwPzKm56AHJntKxXL3plfdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTBAU_Q3mWx1IrTNsq_5c_8RVvft4A868GsyhyJY6wVUCpJyszMsGlZ0JhyPpXZj5E2YNjbKtJIHU1nt5GAw-npzQeX2U0GfZfrrPvy7XgjSYf4cYpup3YnlE4MEUUSnDmq64WzacQG2v0yg4GMtu8VrF7KOfppEtKmD4ZF64PhdwVrvkHnUShDDces3VsddOnQIkn5KmzujjhLNEH1sMIcOsT6i3O5PcwU3szO7Llh_OLR8IGh5tgr25qSMavGi36u34GABoOUmOPUrNStXaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Cjioe4GYmbvszFowXQHAvrLa6ZQ%26client%3Dca-pub-3208214437340987%26adurl%3D
Frame ID: BD2A91B1FAB55DE6A5F362238C9941C4
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&adk=3749226152&adf=1197125821&pi=t.aa~a.1279054838~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=-M&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280&nras=2&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AeUfkLhKxI&p=https%3A//koooralive.online&dtd=6
Frame ID: D22DA9383435F00C77ABC538EB3AB86C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1200x90&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=0&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280%2C1100x280&nras=3&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5Ote6YcNyi&p=https%3A//koooralive.online&dtd=11
Frame ID: 2ECF0BB473C1B5366AC14467F65466D4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: CE4B60948E5B0AC579D97DFCFACB7A6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3D093BE584D79B95D9678B4811AE0895
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Frame ID: DBD39151D8BE1E0E716AD15E73F817E2
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 44F7204C8A50502BA76D5AC4F6540C58
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E02F78C804BADD74FD24BF6E96FBD310
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 966152E7CCE4522D8335749ED9A0B839
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2NzYAAKE3UFKM-6AAxOAd59Wd5OkOmzuGkEKw&u=%7CEryzPjamggRpXnZY2cmQQNtZOWGaam%2BT1TVb3M%2FqUdE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoCxxkKCLRpS669dkhb0EIObkTuJfFt_rg3sle-BLDFOPOhmesOq3XG3mkSMqiK5ldgxu0QcMwMLIYbUa67WveVketf-bCa0OvMFtQisY4Cv7Gr5tpDnD4ZcxEoqrX2d3lvlVXBmVmu2APF_FJMEy3v9pCGvqrM-W87XzCd_-z-9Af5w_XvOITHE62O3pTeW0jNWtAFE7n0Ekb2mmGePDwB0nO9LBQlqinnHMn16vDjsF65sAgd4kifnJcaC9Uy0r5_fuy-IbaGDvezzAnf2MRyBcqhCxYzvv36B61oHvfq3WPFlLD0nCNAv8Tl5LCsbU63PByEzPnHvQioULZ1S7loEJ6zDTebC6LKtizUC_oT_1_66iPsGfBLqelxZNsjswmK9Z99rL38olYqbj3TDfy0Ta08l_M0V-RLcHiaQoUY0YOCOf7mFGscz_S3nJiz29D8xIdy2IwBMf6XXDiDmm9YDxs02YbeFftMinvTSi1LVuLTv3ai0tcfIHzywqd9TW_A7KAJyCuM2pdt3P8IxuomA4U09vurn2265deiTLrgO6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjIdMYHNjY_WmKLqfo9kPgZyx0AvJntKxXPXalvdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTGAU_Q_AdSkOceoB5rfA_ZPiabLDN1zxGKie4dUPokcG_0NVVT57Va5edGMqcPZYxkDpIGxksUzYaFSrB80PaUndPyrlsMHm646heHnPKeYDFDXDAf0j9kOsVknUOdRY32YmXy7C0eybIFUIvyEPMuuq2gzwQTY4S3k3iHecRd551M2l0x_GoWKrxyFZvTZB2P-i7fCPWJxQoFvsueSBhnMT_yBM36p4sD5iLyzL8qYXvgQsHewEDanwg98vkagfryxBhd9MGITIAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22mFRktJFGL9sIWuMJHa9F00YJ8w%26client%3Dca-pub-3208214437340987%26adurl%3D
Frame ID: 6A171F6B494FC0043A999772A88CBAE3
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6A3D1D6B4DE30437E6E448CF51E6D257
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZwPkYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoEwgFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkrJ2l5IaVnQavnIAb0o6KjpiQXwPiIBDeZ5doQQR6YVSOtvUowq-YAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjA4MjE0NDM3MzQwOTg3GAA&sigh=CVu9dQ0oZN4&uach_m=[UACH]&cid=CAQSOwDq26N95VF-6lutGS9OYkX6cZbpEiYN6fJJRzt9f-w_ZnSK7GlpfZ4aHykdR92I6BvJVm0pviaueIMIGAEgEw
Frame ID: E001ECFAD69352E63D6C77C5853B3F64
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1htkwsj7x509y4j76daabq0sbfenksmh1fzgqez4t3df2fpss7wy006ca4g303ctvds6m56p9aqwt6vm5kpnnx281s7p05rdvves3yq1perap55dv68wt7fc26fggrt4ye7ce8exz9qr2vpzjay9grd6atfzz4vw4jptg5atd05n9xcbw1hwy88s76vfx1zf71ekag61ktwbaf6bzqw69vjxva9n18sw9b26t1vxn1cj4bv8wx8vs5b8nw87zt1ck312e1xyfnyws4psm17v8zm897yv6as36ayg98k3y3zpd8w8nnrytedkw2baebk4201sb2rf0qvtrc5rw60fjnftc7nxs9vfj8djp95hajmyk5mk61h8bps67cya5tqna3p3sa3jpcktw0rcytq9r9a6tqp9mwkt4jcfwsfhyzdhjnke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%26client%3Dca-pub-3208214437340987%26adurl%3D
Frame ID: 0AF9FC9D2E97BEE9BDA6FCCFE2E65F70
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 385D1024FE2D3B927AFF2CB45A71D863
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A208793287AEC3534A2B8E3CAB20D586
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Frame ID: E98613C82C98C9566102733CF1ED9852
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8E9F4D4174E08DAE40182628A220984F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D5C5678A012D2C9F2DAE5D01A8F2DC2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة لايف | koora live | kora live

Page URL History Show full URLs

http://koooralive.online/ HTTP 301
https://koooralive.online/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

186
Requests

95 %
HTTPS

69 %
IPv6

30
Domains

49
Subdomains

43
IPs

5
Countries

2683 kB
Transfer

5233 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://albaadani.com/
Title: Designed by | albaadani

Search URL Search Domain Scan URL

URL: https://livehd7.co/
Title: الاسطورة

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://koooralive.online/ HTTP 301
https://koooralive.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 137

https://d.agkn.com/pixel/2175/?google_gid=CAESEJsFU9yMb77wZJ2HNT8zTaE&google_cver=1&google_push=AZmPxg_IzeAxsD0NqrWS0axvIk62kdERdPjewCu8tf839rR4i5vebIT3Izka4rr7hsscTbj8o43hV5p7C3xRtE1w4o0rSaLZ5bY9VAciKPjNfVeYy80oK4Woam_tKq1FNPPwg0GJNn2BeqHmCTeCsiGLZ2U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_IzeAxsD0NqrWS0axvIk62kdERdPjewCu8tf839rR4i5vebIT3Izka4rr7hsscTbj8o43hV5p7C3xRtE1w4o0rSaLZ5bY9VAciKPjNfVeYy80oK4Woam_tKq1FNPPwg0GJNn2BeqHmCTeCsiGLZ2U&google_hm=Q0FFU0VKc0ZVOXlNYjc3d1pKMkhOVDh6VGFF

Request Chain 140

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIIJ6xnrTIEG963SQD7dDQg&google_cver=1&google_push=AZmPxg-cLToXZRatexeBbBghE0r_gZvWlrJ6lufLzz6lQ6ZH-kVUJcdElWn3t_6E6N05GG3I_08TFJI0VVZGsBFbop1f0IdNxU6fr-IFjaC6ybaMEQDi1x1lAUV8oQZKKBRxOCDhjj7pwm-QUlLPTbQdg4Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIIJ6xnrTIEG963SQD7dDQg&google_cver=1&google_push=AZmPxg-cLToXZRatexeBbBghE0r_gZvWlrJ6lufLzz6lQ6ZH-kVUJcdElWn3t_6E6N05GG3I_08TFJI0VVZGsBFbop1f0IdNxU6fr-IFjaC6ybaMEQDi1x1lAUV8oQZKKBRxOCDhjj7pwm-QUlLPTbQdg4Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XXeenu3rRMeOqdzDf3qPYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-cLToXZRatexeBbBghE0r_gZvWlrJ6lufLzz6lQ6ZH-kVUJcdElWn3t_6E6N05GG3I_08TFJI0VVZGsBFbop1f0IdNxU6fr-IFjaC6ybaMEQDi1x1lAUV8oQZKKBRxOCDhjj7pwm-QUlLPTbQdg4Q

Request Chain 141

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfgbVLjpaKTOSgCVdq8aPg&google_cver=1&google_push=AZmPxg-bGaGDYYfILwXSRbHrw4oZJ_GS8Ae3B0Y3bQOT2x8GeCoQ5ubBuPpeaClSdZg_G3XTNmGHe8r05f1kvQQA5kKVgXJEi2rY1cWalGvqfFcuUhywn4XtrJWSJBwH424ajT889MU6VCkO2v_8GtPtPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0ctMU8tRzlRWg==&google_push=AZmPxg-bGaGDYYfILwXSRbHrw4oZJ_GS8Ae3B0Y3bQOT2x8GeCoQ5ubBuPpeaClSdZg_G3XTNmGHe8r05f1kvQQA5kKVgXJEi2rY1cWalGvqfFcuUhywn4XtrJWSJBwH424ajT889MU6VCkO2v_8GtPtPA

Request Chain 142

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_cver=1&google_push=AZmPxg85NjudibKCUmF2ORc4GF_vO5gzTF2oMYdfe6q9ley8gYkQWgOJQRNRtZktfimEbFBkT2eSNHIF5z470tSNxg7izV5ZTCfHyVQYzKJbE5OHL0vCUc3oNVn8ccppfVQW6S3mupcpwCR7t98njow5fQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_push=AZmPxg85NjudibKCUmF2ORc4GF_vO5gzTF2oMYdfe6q9ley8gYkQWgOJQRNRtZktfimEbFBkT2eSNHIF5z470tSNxg7izV5ZTCfHyVQYzKJbE5OHL0vCUc3oNVn8ccppfVQW6S3mupcpwCR7t98njow5fQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYewl7inITWyYhRhclQAABFIAAAIB&google_nid=index&google_push=AZmPxg85NjudibKCUmF2ORc4GF_vO5gzTF2oMYdfe6q9ley8gYkQWgOJQRNRtZktfimEbFBkT2eSNHIF5z470tSNxg7izV5ZTCfHyVQYzKJbE5OHL0vCUc3oNVn8ccppfVQW6S3mupcpwCR7t98njow5fQ

Request Chain 148

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIIJ6xnrTIEG963SQD7dDQg&google_cver=1&google_push=AZmPxg8Obuh6iRMk87BjxRSz9HLhlAxM7z_wcmEf1FajP88-RPea2-nqhBc2A66ojase9Q1hYhmjJe8MkofcEuatGNRcNLIoFn3C HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIIJ6xnrTIEG963SQD7dDQg&google_cver=1&google_push=AZmPxg8Obuh6iRMk87BjxRSz9HLhlAxM7z_wcmEf1FajP88-RPea2-nqhBc2A66ojase9Q1hYhmjJe8MkofcEuatGNRcNLIoFn3C&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQg9DCo0QuucYqHfv1k2ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8Obuh6iRMk87BjxRSz9HLhlAxM7z_wcmEf1FajP88-RPea2-nqhBc2A66ojase9Q1hYhmjJe8MkofcEuatGNRcNLIoFn3C

Request Chain 149

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfgbVLjpaKTOSgCVdq8aPg&google_cver=1&google_push=AZmPxg-GYojN5UXzPZ3J_4Tw_oE5ReVOXuBY6-37p3qYkAlm3cIo56vCTtPP0Ai2XyJce0vgcoKiSZkJM8Itx130lwj_st8aMvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0gtUS1LN04x&google_push=AZmPxg-GYojN5UXzPZ3J_4Tw_oE5ReVOXuBY6-37p3qYkAlm3cIo56vCTtPP0Ai2XyJce0vgcoKiSZkJM8Itx130lwj_st8aMvQ

Request Chain 150

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_cver=1&google_push=AZmPxg-5v4NPgIK1zTT2Y1ddhGM5Lo2xyTe2xpaLgzXA3qUGwLaHtFbvb10Renxs7Y6p5_cA8ZSPVWghx0QpJPsA7W2HETHRJkzd HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_push=AZmPxg-5v4NPgIK1zTT2Y1ddhGM5Lo2xyTe2xpaLgzXA3qUGwLaHtFbvb10Renxs7Y6p5_cA8ZSPVWghx0QpJPsA7W2HETHRJkzd&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYUTgYVH__WpALPGFnAAABGQAAAIB&google_nid=index&google_push=AZmPxg-5v4NPgIK1zTT2Y1ddhGM5Lo2xyTe2xpaLgzXA3qUGwLaHtFbvb10Renxs7Y6p5_cA8ZSPVWghx0QpJPsA7W2HETHRJkzd

Request Chain 182

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CN6F5_rDkfsCFYnuuwgduoIH3w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667461986_8d25cbe0-5b4c-11ed-89a3-223851067267

186 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
koooralive.online/
Redirect Chain

http://koooralive.online/
https://koooralive.online/

75 KB
16 KB

240ms
155ms

Document
text/html

2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28edb842cc842fc0091521fb6364c79f2b9627d2eb316b02acab2471cd4146f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 764388b00caf9c01-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 03 Nov 2022 07:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FcYNuftErFKmOns9Uu%2Fm4lmrIv9X%2BdBH9KaIK2bmtJBPybkhh0vBwCrP7XWwRKIdf8BXMlpftBZ5%2Bi5BVXTVuhpl04EYpvzA%2BazUL5KbSn%2FJVuiiv5mz6EdHx5jZ16Y6hzYUZZ9Ps%2FKMo%2FAIpw0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie
x-cache: HIT

Redirect headers

CF-RAY: 764388af2f51902e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 03 Nov 2022 07:53:02 GMT
Expires: Thu, 03 Nov 2022 08:53:02 GMT
Location: https://koooralive.online/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgeaN6vThS%2B1iiuZS9Pd12K828dadeWSXfhzNGM%2BRlUpA1OupfNGLxJZyRBrsnL1DwmVe2Kl77IDdeqmEQeeP7na%2BF0VupsTh3OMWT38FVkLIcs2ucpoM3va8ANq3D2Ek3%2BsFm4U%2FU6wyBj0vdew"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 style-rtl.min.css
koooralive.online/wp-includes/css/dist/block-library/ 92 KB
13 KB 48ms
47ms Stylesheet
text/css 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19caa4923b1af5a163235d893ce44adcf89df166f0ec58ae11d34ccf7545f2b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 12:27:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68461
etag: W/"6362621f-171e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2B0skluiiDJnMmWuUzOfZrZ3nOQw%2F%2B7wU%2BJpSelJIeIyFvvPKgsaFjVkTPAnyTbdUPP0Brc5yYwmigZh5zoSgz4g2zhcLxdzMOBYz6AvqZl8H%2Btm7h%2B4BVLeZe3jLZPjdqD72ni09rpfnd4dprgv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e789c01-FRA
expires: Fri, 02 Dec 2022 12:52:01 GMT

GET
H2 200 classic-themes.min.css
koooralive.online/wp-includes/css/ 217 B
587 B 46ms
45ms Stylesheet
text/css 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 12:27:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68461
etag: W/"6362621f-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=md%2FD3pkS0YB3x7cht9hrabq62AJqfdCQUWr51JRBicETZdxKTbCF55ZjlEncVtqqKsyW5PbwnnGTzO54ioF%2Fj3Wr1%2FiBt2%2Fi%2BlBY1SNjbvMTgoC%2FFzXwv0ZKlbxtbs%2BXJjUl4WwVO6Lb0snCro%2FE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e7a9c01-FRA
expires: Fri, 02 Dec 2022 12:52:01 GMT

GET
H2 200 jquery.min.js Show response
koooralive.online/wp-content/themes/AlbaYallaShoot/js/ 94 KB
34 KB 64ms
63ms Script
application/javascript 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-content/themes/AlbaYallaShoot/js/jquery.min.js
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ca8f6af1b7f41e3b9d39d7281be3ee848d8052832e5c5e08b5926c653e24ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Apr 2022 22:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1666537
etag: W/"625f3e18-17980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2QQcHtnMHxU5Z6F9k%2Fzkvaut%2FrTtsNFJPfTKq%2Be3kRCzTmJK3WGjLdvyaRr7BbRg1iNFFAJMkQAg98qemi7oPNR%2BKK1DJaGjHcVXcnAz94dLaShgRg3dZq6p4uGLc0EUwgjfCzHvzulelvldPdj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e7d9c01-FRA
expires: Mon, 14 Nov 2022 00:57:25 GMT

GET
H2 200 advanced.min.js Show response
koooralive.online/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 62ms
61ms Script
application/javascript 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.37.2
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca576c1a2552134c66c3bdfbbff559654f0eca9d749d2933397df6b80616852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 11:24:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 71301
etag: W/"63625371-1c13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SABMtljtqtoSorZv70tp16UhuYFZmU5M96d4mXpl%2FlvTBXNLw77c6tiBaNvOX25KCwqplXRiO9ABdReY%2F8yH2azrbGAP%2BJlwOm6S9zKGvqzVPI%2BY9Mhg6q6YyBuyYIkHw6Y1q%2F6ThlCGMoeY2WlJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e809c01-FRA
expires: Fri, 02 Dec 2022 12:04:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 138ms
53ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EJXCRNLNBP

Requested by

Host: koooralive.online
URL: https://koooralive.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a43854baf1d2afb4f9f2dba0b12e47ea2ab3e7c61aac7d4ba99163d1f69c6894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76523
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Nov 2022 07:53:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
55 KB 162ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3208214437340987

Requested by

Host: koooralive.online
URL: https://koooralive.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ee8dd1d32238fd137043ab1892335b6859bfb80aec9b3653159d43e1f08c787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Origin: https://koooralive.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55641
x-xss-protection: 0
server: cafe
etag: 13211168299228907413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 07:53:03 GMT

GET
H2 200 AlbaSport.js Show response
koooralive.online/wp-content/themes/AlbaYallaShoot/js/ 52 KB
18 KB 54ms
54ms Script
application/javascript 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-content/themes/AlbaYallaShoot/js/AlbaSport.js
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af86ded17471f1dbbfad46c3a5b3f7f93a868a604d74dd7dbf877282ae216fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Apr 2022 22:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 441307
etag: W/"625f3e18-cea6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFFzFiLKjzkpFzpDXD8nfvFodhgBaqBmin6G9VsrGOSTnYIvcuvSaxn40iUrdHZBtiMCqpw55iro6w2fvySPCYbLVgwtlyB76x0QqBkJY1Q%2FmiE1bHkU3FcwbUKVRdNIa%2B0rcNnCph7Go%2F7t93fd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e839c01-FRA
expires: Mon, 28 Nov 2022 05:17:55 GMT

GET
H2 200 layer.js Show response
koooralive.online/wp-content/plugins/advanced-ads-layer/public/assets/js/ 27 KB
7 KB 51ms
51ms Script
application/javascript 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-content/plugins/advanced-ads-layer/public/assets/js/layer.js?ver=1.7.5
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a86cdada5e5a31807176f2881b5b196dedbec52d01a47865d9ccbf6f8e33f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 16:38:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1521631
etag: W/"628e5b91-6d37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpKEhUyLxelmUulm%2BxS052PqIpLbBkWFk4pjZHhZXqTAO48DzPGsM0E7Eb6wRvm%2FpjHFFEnMO%2BceAhYvr5MwU5c2eyYh1rcRC%2BGd2D%2B479%2Fzg5Lawqp8JAtIG7e%2BPakkopu8qFGscuAjmPn3ynB%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e859c01-FRA
expires: Tue, 15 Nov 2022 17:12:31 GMT

GET
H2 200 sticky.js Show response
koooralive.online/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 6 KB
2 KB 60ms
60ms Script
application/javascript 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.4
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 18:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1957298
etag: W/"628e78d1-171a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCrRw8pvngXeOusrRJVDuCfhSqjX4rMa9pqMInoeRpKghJi0hLOqbCizZPl7NLYaagEItXwCuOY%2FMp7AZELgJDp8d9BRvw%2BS9Grn1p5J24FuNsGMUVTlmP0GsvNNlJ6gViDSYDALjgOg1NMlbWlh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e879c01-FRA
expires: Thu, 10 Nov 2022 16:11:24 GMT

GET
H2 200 advanced-ads-pro.min.js Show response
koooralive.online/wp-content/plugins/advanced-ads-pro/assets/js/ 6 KB
2 KB 62ms
62ms Script
application/javascript 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.19.1
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Thu, 03 Nov 2022 07:53:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 11:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 71301
etag: W/"63625373-1834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rE0xc8KaXCJOuATxI2Nw5IptGd7I60qbdqKQtrgML%2BkPN88pkkYLuRS7pA%2F2sshAdxEyEe3ZlX8RoQqtPcdqRC1%2BXk%2BfjjZPbOIeTVpMfhQ69W1SSep3TuOZGcv0zl8p0dTRka8C7r85Gcqp%2BDj0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 764388b10e8a9c01-FRA
expires: Fri, 02 Dec 2022 12:04:41 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff
koooralive.online/wp-content/themes/AlbaYallaShoot/fonts/ 56 KB
56 KB 46ms
45ms Font
font/woff 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koooralive.online/wp-content/themes/AlbaYallaShoot/fonts/NeoSansArabic.woff
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://koooralive.online/
Origin: https://koooralive.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Apr 2022 22:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5546
etag: "625f3e18-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fj%2BbigxtvbK52RpXPTuR1vTwgXC92wk0yIw2wB2g3mQdk11WYxmcYG7Y%2BmpbS2pa0HVJ7YgDpTUNh%2BXmO5kURKTOWdSWVZmZ7NQUSsY8H%2B5%2BUl%2FujUiTsKPW%2Fvp5%2F2dkJJVi4NMse4mdTnfnRRe6"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 764388b1e82e9c01-FRA
content-length: 57364

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: koooralive.online
URL: https://koooralive.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 03 Nov 2022 07:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1694
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 03 Nov 2022 09:24:49 GMT

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 13099.png
koooralive.online/wp-content/uploads/2022/11/ 6 KB
7 KB 71ms
67ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/11/13099.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ed0a52d06726c3a99786ec2c5ec33c9b717a1fd3909ad0962dae6081e45923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118333
content-length: 6605
pragma: public
last-modified: Tue, 01 Nov 2022 22:14:36 GMT
server: cloudflare
etag: "63619a4c-19cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9dvjG4D20vPtU7oyyZh9BCKMiVilTvn2Y2LTep%2FxwXsogHyDbTkwg99Jg2sGYafH8tpr5wDw0AuoEyiUu9puuNht9GAlI1bouHvj21TG9BE6hue5CDZGs6E3ICHebc8w4VQGmdHc%2B%2FIB2MUBGrM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b218a79c01-FRA
expires: Thu, 01 Dec 2022 23:00:50 GMT

GET
H2 200 323.png
koooralive.online/wp-content/uploads/2022/04/ 3 KB
4 KB 68ms
64ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/323.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5119adac5cd5642fb2cfcb6254fc7d0b603f3c457b5384dbbd1ec04eb47ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43023
content-length: 3326
pragma: public
last-modified: Tue, 19 Apr 2022 23:09:57 GMT
server: cloudflare
etag: "625f4145-cfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRTADvaQ7MRPVaVCtZdqu6xfZmAU7jzaCMwxq%2B9yMufN94gVS38N0WSPGdGuNLW0hvKsaPErb9b6JCoZcOIpkKtmWU4IBs6AIZjcv7QYxtBZMlczkQX8%2Fg6yoQCwQZTUyEpZka882OGGefyCG2W1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b218a89c01-FRA
expires: Fri, 02 Dec 2022 19:56:00 GMT

GET
H2 200 210.png
koooralive.online/wp-content/uploads/2022/04/ 6 KB
7 KB 52ms
49ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/210.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 793ff4ee8f57bcce74beb87eca121096d1ba1698833e77c6cdb3a90742c2636e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43023
content-length: 6584
pragma: public
last-modified: Wed, 20 Apr 2022 02:00:20 GMT
server: cloudflare
etag: "625f6934-19b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Q4iAHzScWvmACKVe%2BofXU7YehZc8rIZNDxDAhABX%2B1Wvxc1rg7fOGg3moIeUxGmbokl2SYEDWwoGOhw6CBpMQ1PvCHp%2BanpEaZCZyZ17BJJ0soMk%2BbYJA%2FLfl5Ifw46VAmyrRAGH5BwYpVOcze2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b218aa9c01-FRA
expires: Fri, 02 Dec 2022 19:56:00 GMT

GET
H2 200 795.png
koooralive.online/wp-content/uploads/2022/09/ 4 KB
4 KB 53ms
50ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/09/795.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7648272eff5daef40f214bca081a1969f0717cd9aebdeb56721e4ef6ee1b978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44113
content-length: 3846
pragma: public
last-modified: Tue, 06 Sep 2022 22:33:54 GMT
server: cloudflare
etag: "6317cad2-f06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNt5O%2BLgeJ2bW4QBXyH%2BrnzJ8jRTB3vlxlNaU761HpUB3akNkHr4EAJKCMAV4rNShskpQRFbbLovAyJfLyWXYxYrqfvy9FkpYfNq%2FyJa%2FfSyo58AjYXRyt8Fui87q4xIa5LEAPM2tc7dfhYeaClG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b218ae9c01-FRA
expires: Fri, 02 Dec 2022 19:37:50 GMT

GET
H2 200 124.png
koooralive.online/wp-content/uploads/2022/04/ 6 KB
6 KB 54ms
51ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/124.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b44026ef17b791727f06dac327230d8160294c9fcedf2c323342613a0476ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118333
content-length: 6085
pragma: public
last-modified: Tue, 19 Apr 2022 23:10:10 GMT
server: cloudflare
etag: "625f4152-17c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6AL%2BvCuUYFOmBygZbReG00T6dBSDk3XqCzq7hyzwMUGerIgqDpiTzIBO4ioawXNxN4uXHjPbrMMOe1tzOVx7yrgJ1OqgQMG1E2HXTelw4OKXroftQi6MFLRRj4Ca759u%2FAWOCW4y0RjC74ZQkId"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b218af9c01-FRA
expires: Thu, 01 Dec 2022 23:00:50 GMT

GET
H2 200 95.png
koooralive.online/wp-content/uploads/2022/04/ 6 KB
7 KB 76ms
73ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/95.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b4707a6edf4de9440a62d562207fa0128b1826e5f0cff9bb410d5e9106044cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43023
content-length: 6536
pragma: public
last-modified: Wed, 20 Apr 2022 01:59:37 GMT
server: cloudflare
etag: "625f6909-1988"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4KChbapHOKjPxIW1Jn6bVXr0HtmNoPshejCjyAge61TZZmBbuOpz9%2B11lwVvxKnjDrwFrvsVUt1FHqrSkYmBul7%2Bw45kBKW6s68wKjeHWea3tb3KLJe3LJCnuSC2aZKGoaE1CzIONz8yMBATYjG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b218b29c01-FRA
expires: Fri, 02 Dec 2022 19:56:00 GMT

GET
H2 200 225.png
koooralive.online/wp-content/uploads/2022/09/ 8 KB
9 KB 55ms
53ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/09/225.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71437f1a53b45e0f8980712bad8b191b4d31b52b33905750dfa9e0e41eddc0b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44113
content-length: 8392
pragma: public
last-modified: Thu, 15 Sep 2022 16:32:30 GMT
server: cloudflare
etag: "6323539e-20c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhmFl5i9UAzL1DK47fpjxzt04iAP4N%2B9wOgpyomWj0%2Bei%2FZKMi%2F%2FMs%2B%2ByoaZ%2FAlojStaMRtt3NbY8OZg7X%2F1JjvnEBN7vM4GeOCBPDc19dx%2FtIuX%2FpqMB%2Bdq%2Fnxk78AXUAPhfARF9FrptPr9TEW0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b218b79c01-FRA
expires: Fri, 02 Dec 2022 19:37:50 GMT

GET
H2 200 244.png
koooralive.online/wp-content/uploads/2022/04/ 7 KB
7 KB 71ms
68ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/244.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7caadad2f49cc41795d81cd27682b76fa6d87e4bf653c15943cfe9cf3a2bd64a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44113
content-length: 7253
pragma: public
last-modified: Wed, 20 Apr 2022 02:00:16 GMT
server: cloudflare
etag: "625f6930-1c55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkrfOZUcqYqKWgljSLX5NJD9OZk9DidzhCdiz9Pp8Xei5YRU45aW3hgTlKJRJZip2wJzrRvuwpct00Higb1LnVUkfOWb8dN1CUHVJfHjp4QWMNOzSRVPUnVUJTfg4bAX8MLd3EB15jHegwgMCFgE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228b89c01-FRA
expires: Fri, 02 Dec 2022 19:37:50 GMT

GET
H2 200 360.png
koooralive.online/wp-content/uploads/2022/04/ 6 KB
6 KB 61ms
59ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/360.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0907956318d7fdd17b4ecfe956cae0bf7ed767e4c8175e1a530ed41ab36f383

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44113
content-length: 6276
pragma: public
last-modified: Wed, 27 Apr 2022 23:54:03 GMT
server: cloudflare
etag: "6269d79b-1884"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FEG5pviqAmWr1YTmPv7wPmXxQz75HHpTzYsU7rFCYPRWZ2CtES0mic8BQx9fcUHM2B80fUpiX3Emwz0kOnl8xlAiETtchtpe43uVtOMfTN%2F6O2TzymBeuUR6TVEywACfDRZMD60E1mcxpyEgjms"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228b99c01-FRA
expires: Fri, 02 Dec 2022 19:37:50 GMT

GET
H2 200 136.png
koooralive.online/wp-content/uploads/2022/05/ 3 KB
4 KB 57ms
55ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/05/136.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f2d31a40425077915dff1cbdffe77c69cac7a3645ad859da9e8b881cf5bd1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44113
content-length: 3295
pragma: public
last-modified: Sun, 15 May 2022 22:11:41 GMT
server: cloudflare
etag: "62817a9d-cdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qB%2BrYxnN31EWeUuWhfxr%2FWFNfa%2FxZA1ub5ozgyDrj%2Fm%2Bou09RvxbVzquc8YfDamjmc2vMuHO41WdwZ0UrfS8wUXIaEvhVHTTewy0Hel4SGf14lu8RQGJDSwdOLcxXwFqzT%2BkoCcMUOy%2F61yWPywZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228ba9c01-FRA
expires: Fri, 02 Dec 2022 19:37:50 GMT

GET
H2 200 83.png
koooralive.online/wp-content/uploads/2022/04/ 8 KB
9 KB 59ms
57ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/83.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5afc97382732099825ad989abe65bc265e483b236429220bf499853156b0c96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44107
content-length: 8362
pragma: public
last-modified: Tue, 19 Apr 2022 23:09:26 GMT
server: cloudflare
etag: "625f4126-20aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gk0UHfIRz3Od8oArkfutkBIWG%2Fa3nWm0V816OiK2LYk6CwQfCrN05QUbb7iLHvrktZQwFVOYWPud7dO%2F1K4wqQLYqDSOOY%2BdIrqLJR7wn32LP7LamhOE39JbaSJ%2BWuFrMx53XzAABfQmJAucjWUA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228bc9c01-FRA
expires: Fri, 02 Dec 2022 19:37:56 GMT

GET
H2 200 793.png
koooralive.online/wp-content/uploads/2022/09/ 5 KB
5 KB 65ms
63ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/09/793.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7586a76d6d1bff3cd368fe7017d8c3dfbf8d8420b8a11d23c3165b93b4750301

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44107
content-length: 5059
pragma: public
last-modified: Tue, 06 Sep 2022 22:33:20 GMT
server: cloudflare
etag: "6317cab0-13c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX1%2BGdl434xuKCvcKJRXjDg6W0JOP4kxBV8vlTlUqGpeyI7SfhuCziOh7V1r0peUT6LHwwF9ikjZbwkXcvJp5cP5paAa5Dvwuhn7zsm60X114g7F2YFHS7uUAh14lAoP6f4iREnL4CFULKdf8%2BtK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228bd9c01-FRA
expires: Fri, 02 Dec 2022 19:37:56 GMT

GET
H2 200 143.png
koooralive.online/wp-content/uploads/2022/04/ 5 KB
6 KB 56ms
54ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/143.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ada8cef04fab96dcc34caa37f138e5931a57f99bcc9b264275a6c8873cf40ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 337132
content-length: 5458
pragma: public
last-modified: Wed, 27 Apr 2022 23:54:01 GMT
server: cloudflare
etag: "6269d799-1552"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1bcgb0yc4M%2BCp2KNCJTlAMwi3au%2BiukUR2qr5gYg7FeccUP8NMxXcCTyuC58R4AMvrHNlQ6avxXivcq07R7jqadpGsNaRSVh3hyLYCikuj0zZ1o41ZDpck3brwCd4dkss8J6kV7GAT5JwjyjUFY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228bf9c01-FRA
expires: Tue, 29 Nov 2022 10:14:11 GMT

GET
H2 200 1397.png
koooralive.online/wp-content/uploads/2022/09/ 8 KB
8 KB 63ms
62ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/09/1397.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907d87cb8a32f6258c16886aa91b2c0b1e2a3fc7b2828a26e29c38a4ae6eca5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44106
content-length: 7844
pragma: public
last-modified: Tue, 06 Sep 2022 22:33:17 GMT
server: cloudflare
etag: "6317caad-1ea4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtNY%2FNOOxvAQnbJfoSssesQW3khVq2BDgRmvObv2ZOQehXhLEUcP3RX9xanP%2Fjj96CKtxAbgWkla9Osgt4rS%2FeFFHEksumCITi09ZQR%2FzftT9Ws3bBPr%2BzvBnUO5w1i9q2NqCvnXoE7YLuV5y09U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228c29c01-FRA
expires: Fri, 02 Dec 2022 19:37:57 GMT

GET
H2 200 898.png
koooralive.online/wp-content/uploads/2022/11/ 7 KB
7 KB 69ms
68ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/11/898.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1d672be7c09a6d359fdb7bd1998f9f0af7c0b4eca9fdc42d57d314f1dce10c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44105
content-length: 7147
pragma: public
last-modified: Tue, 01 Nov 2022 22:14:46 GMT
server: cloudflare
etag: "63619a56-1beb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcXdjdy9lHB2dH%2Ba0UXHhKHK%2B15vUtjuDtuwopdgtnel8jpTsSrrfPVNl%2B6DErskmK6CsyTrM%2BmQxj5GT6UwdtB5wvpzWkzp6I7bRnK92LHVaS4T24e0fnJsQU73DG1BQxPLDdW31bdHWXAe4WJX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228c39c01-FRA
expires: Fri, 02 Dec 2022 19:37:58 GMT

GET
H2 200 127.png
koooralive.online/wp-content/uploads/2022/04/ 6 KB
7 KB 62ms
61ms Image
image/png 2606:4700:20::681a:910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koooralive.online/wp-content/uploads/2022/04/127.png
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c0f8404bbe42448d93e37810f07bcd941b2f2f44012600c0926fd37941569a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43018
content-length: 6372
pragma: public
last-modified: Wed, 20 Apr 2022 01:59:40 GMT
server: cloudflare
etag: "625f690c-18e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lW%2FZz6u%2BfUs9W6nM3K6HUML9bbdaDtnjLyWmpwjZky%2FVD5KAAr5uDJOFa4DPxaRotEGuPM4c2nGt95Y4IQtjRP9HaltfDL9u2Pt8NZJAYZnqEXOSZzoi6U4LsBtu%2By3Oy8ZpD3LrxroLhc9X0Kiu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 764388b228c59c01-FRA
expires: Fri, 02 Dec 2022 19:56:05 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 159ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EJXCRNLNBP&gtm=2oeav0&_p=2065069500&cid=1989482154.1667461983&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667461983&sct=1&seg=0&dl=https%3A%2F%2Fkoooralive.online%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora%20live%20%7C%20kora%20live&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJXCRNLNBP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koooralive.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 47ms
46ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2065069500&t=pageview&_s=1&dl=https%3A%2F%2Fkoooralive.online%2F&ul=en-us&de=UTF-8&dt=%D9%83%D9%88%D8%B1%D8%A9%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora%20live%20%7C%20kora%20live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=895929174&gjid=89437099&cid=1989482154.1667461983&tid=G-EJXCRNLNBP&_gid=1643291256.1667461983&_r=1&_slc=1&z=1171491539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koooralive.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koooralive.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ 354 KB
116 KB 166ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3208214437340987&plah=koooralive.online

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3208214437340987

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0099bf3e02cc1ceeb8826f051f6eede672482a60d1f000373b9f6f31c68e2f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119030
x-xss-protection: 0
server: cafe
etag: 17314250014061383775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 07:53:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame E918 10 KB
5 KB 127ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3208214437340987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:05:44 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:05:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
700 B 163ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=koooralive.online&callback=_gfp_s_&client=ca-pub-3208214437340987&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3208214437340987&plah=koooralive.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6d12bc8a2048fcf5483d8aff56ec9125fc4cd1fcd4361c8637374c3ab08207a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 157ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 170ms
58ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ECE3 254 KB
58 KB 932ms
846ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&adk=1812271804&adf=1573534164&lmt=1667461983&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkoooralive.online%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983238&bpp=6&bdt=367&idt=265&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2315458891532&frm=20&pv=2&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92bf9e5ffb82452aa066ae61d9bb59198187cb8c53c192da78d190b0329d346c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 59452
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:04 GMT
expires: Thu, 03 Nov 2022 07:53:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 88EC 22 KB
10 KB 724ms
645ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0358b09b9620d49ace9948c0a3c5f2f71ee026a440d90a60d6436c2db1250b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9746
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:04 GMT
expires: Thu, 03 Nov 2022 07:53:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FE6 94 KB
31 KB 562ms
499ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=502529937&adf=1197125821&pi=t.ma~as.6624613281&w=1100&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983246&bpp=1&bdt=375&idt=299&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1947&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=y8Yf4f8mcm&p=https%3A//koooralive.online&dtd=308

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d46a6c67d5d3d5168d4f5a3d6d230b9048cb3d96cf124c60cd6a425b4be144b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31891
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:04 GMT
expires: Thu, 03 Nov 2022 07:53:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3FE6 4 KB
1 KB 131ms
46ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=502529937&adf=1197125821&pi=t.ma~as.6624613281&w=1100&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983246&bpp=1&bdt=375&idt=299&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1947&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=y8Yf4f8mcm&p=https%3A//koooralive.online&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 06:55:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3FE6 2 KB
846 B 176ms
76ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 3FE6 23 KB
9 KB 139ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3FE6 3 KB
1 KB 171ms
77ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3FE6 17 KB
7 KB 144ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FE6 153 KB
47 KB 147ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H2 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 3FE6 34 KB
14 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3FE6 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cnt2oX3NjY7XKKpCSqMwPn7y1iAva9smXaL_Ir6y_DszHmqb9CBABINaNyhlglYKmgrAHoAGwuqHXA8gBCakC1tKJI155sD6oAwHIA8sEqgTJAU_QC36dS_5JsjOCCdblF0CxQyJPcBdoWe4AICrqd6YVoLVvEWqf6y9u9KaM8pvJTU29eBa-Pd0CU3QT7OUdymnLPqNxfM5zDuZ84xrebBY-79B7xHEuvCNOZEW4-0BVarQGX6qNDHPHl8Dof6wJMu6HuUVmvX2fheyAWmc2WsgNcVMHfxlIUT5zkxhwAIX2NMxEm0OJo5rc3xuCWDArJC0ZQMxGt2c7tsgGEKVgFuynSJMBH_h9anEXeD5Dhr3nvWDto3bud1mZesAEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQwaUC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMzIwODIxNDQzNzM0MDk4NxgA&sigh=Fg_5EwKfQzQ&uach_m=[UACH]&cid=CAQSGwDq26N9safn4dH6VVEQ_0Jsnaf8ic80KEfdLhgBIA4&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=502529937&adf=1197125821&pi=t.ma~as.6624613281&w=1100&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983246&bpp=1&bdt=375&idt=299&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1947&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=y8Yf4f8mcm&p=https%3A//koooralive.online&dtd=308
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 07:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
DATA 200
OK truncated
/ Frame 3FE6 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 3FE6
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

116ms
38ms

Image
image/png

2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 07:47:54 GMT
x-content-type-options: nosniff
age: 173110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 07:47:54 GMT

Redirect headers

date: Wed, 02 Nov 2022 14:58:08 GMT
x-content-type-options: nosniff
server: cafe
age: 60896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Dec 2022 14:58:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 88EC 3 KB
1 KB 119ms
78ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 88EC 17 KB
7 KB 92ms
51ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88EC 153 KB
47 KB 142ms
107ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 88EC 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEQr3X3NjY4TKKtaAqMwPzKm56AHJntKxXL3plfdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgS-AU_Q3mWx1IrTNsq_5c_8RVvft4A868GsyhyJY6wVUCpJyszMsGlZ0JhyPpXZj5E2YNjbKtJIHU1nt5GAw-npzQeX2U0GfZfrrPvy7XgjSYf4cYpup3YnlE4MEUUSnDmq64WzacQG2v0yg4GMtu8VrF7KOfppEtKmD4ZF64PhdwVrvkHnUShDDces3VsddOnQIkn5KmzujjhLdkPUIkWTptdFF2ca7fGyJsXa5g9r0vpTREmcQCqUxbaKtAFCmMGABoOUmOPUrNStXaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzIwODIxNDQzNzM0MDk4NxgA&sigh=PCGG8Cg2AcI&uach_m=[UACH]&cid=CAQSGwDq26N9JhyVXhOVcsBQPmAGKJWTJE4iWe5KsBgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 07:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 88EC 0
0 145ms
41ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kP79Esz6RLAJmAKdg2ICAgAAAJw2rvhg3zrHEF9zY2MiAbj0PGq8K_R8DgASAAA&wp=Y2NzXwAKpQQDigBWAA5UzAicptnQSH_UKXk5sg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 263500
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BD2A 151 KB
49 KB 234ms
122ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2NzXwAKpQQDigBWAA5UzAicptnQSH_UKXk5sg&u=%7C7Uo7af6LqpCPABN9wOWbeoB%2B%2BuU%2B4fz3FaR%2BngfOx7Q%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5aheU7pvyLAKYezNkd_JqRvUu2W9pYhwCg3cjgYD93aqN85H_vuTOUgdf1Sd1B2mvqkvaqnF8Doaf4rMNhrS2vpx9-empMKFDy2_cugUsTGnwOt7l3rFyrC_Rh19w8sNoFdre1G_5QakoWPDMGBnkctLt0SA69JWpYBIXGfnv4Wc_fI2-uDT2Lcxu-3O-2-4JhcBI418MuSpZ00aBC2Vjp-ixARszyjvc7nal06TfhX6_289pCWSanXl7SkYtWuV6s29hoF3LBRv4ZF0PLBPNkRUGOwOYCIMwD5D-Wd6NP1myYLA19Okou3a9XH78F_UU3RHPfXmJUDTvFlkk1lf4INI7nTkt-lKumyNO2hnfdsgAZDjexL7jQ_tlyyXJJ7l40cnNPRhxSqYIRSvtYnoRdBea6koLj73l5dVCvugvcfXOPgIr8RJ1A3MBJ74Ktle_gUM8YEt2nOvPzxKe7853XZHNEyU6TpGqEEYJJ406M57KBr9Zn04u_5b8cteBVr6moOAVreHudI9zR9Ux9kRE5Z4tSBBqYfP_ElTyEGIxcrVzSMCKoizBGLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbcojX3NjY4TKKtaAqMwPzKm56AHJntKxXL3plfdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTBAU_Q3mWx1IrTNsq_5c_8RVvft4A868GsyhyJY6wVUCpJyszMsGlZ0JhyPpXZj5E2YNjbKtJIHU1nt5GAw-npzQeX2U0GfZfrrPvy7XgjSYf4cYpup3YnlE4MEUUSnDmq64WzacQG2v0yg4GMtu8VrF7KOfppEtKmD4ZF64PhdwVrvkHnUShDDces3VsddOnQIkn5KmzujjhLNEH1sMIcOsT6i3O5PcwU3szO7Llh_OLR8IGh5tgr25qSMavGi36u34GABoOUmOPUrNStXaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Cjioe4GYmbvszFowXQHAvrLa6ZQ%26client%3Dca-pub-3208214437340987%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

29df001622b2c11cf6d182393c4a79e14bc3c02f2acb485f85af44c84e6b5276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=owN8d6TmVJjb0hV0FAJfR_R8a5BmAsDbczEOnZdcgARktSc3Z9XsWl0YedOhbGXThNWlczyjmTQz-ylQhMmsovIIFXOVOlR_eKq1ZkSrYSxWPnPyHW0_jGM5YjWrHs2dEYmqNtvhL-V8T-U-Zt7yfSTUbO0SC3DKInzcM3tOL64R_jy4Q7Cp8P6Q7m_R5I_2qM7bAFyfypVymA7febGU_SnpuV2LYCDq43ixwmWjTkT-PT6zSQX0JMqw0Mr8JyVAoRlZ2Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 70837682
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3FE6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e049b6c88d5956cf00b54fa93b8c3e0df12425378142f344d680d7087f2379

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 88EC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dae7d504533c123afdfc0fdb71accd58f8e85c258be4036e6290efc44805ca42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3FE6 16 KB
16 KB 127ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 42159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 20:10:25 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BD2A 2 KB
1 KB 127ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2NzXwAKpQQDigBWAA5UzAicptnQSH_UKXk5sg&u=%7C7Uo7af6LqpCPABN9wOWbeoB%2B%2BuU%2B4fz3FaR%2BngfOx7Q%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5aheU7pvyLAKYezNkd_JqRvUu2W9pYhwCg3cjgYD93aqN85H_vuTOUgdf1Sd1B2mvqkvaqnF8Doaf4rMNhrS2vpx9-empMKFDy2_cugUsTGnwOt7l3rFyrC_Rh19w8sNoFdre1G_5QakoWPDMGBnkctLt0SA69JWpYBIXGfnv4Wc_fI2-uDT2Lcxu-3O-2-4JhcBI418MuSpZ00aBC2Vjp-ixARszyjvc7nal06TfhX6_289pCWSanXl7SkYtWuV6s29hoF3LBRv4ZF0PLBPNkRUGOwOYCIMwD5D-Wd6NP1myYLA19Okou3a9XH78F_UU3RHPfXmJUDTvFlkk1lf4INI7nTkt-lKumyNO2hnfdsgAZDjexL7jQ_tlyyXJJ7l40cnNPRhxSqYIRSvtYnoRdBea6koLj73l5dVCvugvcfXOPgIr8RJ1A3MBJ74Ktle_gUM8YEt2nOvPzxKe7853XZHNEyU6TpGqEEYJJ406M57KBr9Zn04u_5b8cteBVr6moOAVreHudI9zR9Ux9kRE5Z4tSBBqYfP_ElTyEGIxcrVzSMCKoizBGLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbcojX3NjY4TKKtaAqMwPzKm56AHJntKxXL3plfdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTBAU_Q3mWx1IrTNsq_5c_8RVvft4A868GsyhyJY6wVUCpJyszMsGlZ0JhyPpXZj5E2YNjbKtJIHU1nt5GAw-npzQeX2U0GfZfrrPvy7XgjSYf4cYpup3YnlE4MEUUSnDmq64WzacQG2v0yg4GMtu8VrF7KOfppEtKmD4ZF64PhdwVrvkHnUShDDces3VsddOnQIkn5KmzujjhLNEH1sMIcOsT6i3O5PcwU3szO7Llh_OLR8IGh5tgr25qSMavGi36u34GABoOUmOPUrNStXaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Cjioe4GYmbvszFowXQHAvrLa6ZQ%26client%3Dca-pub-3208214437340987%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BD2A 2 KB
1 KB 127ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BD2A 308 B
636 B 120ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BD2A 293 B
621 B 154ms
77ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame BD2A 43 B
348 B 151ms
41ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Cvn6cxFmQ0aXkbqymCTlEtxoLgnkC5AA0aotkhWrtrDg82mEX5SZnTaCsEeJBjnvrzkceeJJncy2z0mREeBOZg-CiTRtiKbSZVcz4mdgurFpYG0kTk-h3JxzVd3uVidHdLPvcqcwab0qM49-wfNZAz-kA29dSyYF1m2MrYTPGOnBP6QIX6l87FFl1I4NkCTdMEAZ27xiW4nrmCD6bnYsZh3cL8BPxhfsmRmZrGPHXqDgzcdedR-11z54pKmddcz_nuWFGthu6WShBAERFKBJGUqiF8QN_j99PcwgQohcnHhfiufk93uK-zBezN_mqSy6XM88hOgO7HotR4GfNGN7RU6PfpJ_khxQIOkm9iVB0kRmUpblUtw0pCpIa_iT8i12DLX0K-hZfJqXx2jVFYiXaBGMekygo3HfZ4S-q0M85Td0B5eYDFXgvZSfH5PmsL61jKayrA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3024245
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ 151 KB
51 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

384880391d5e211c60ed1e6256b946d8b676925edfbfd6e53609a20630a44302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52398
x-xss-protection: 0
server: cafe
etag: 1948624999229912099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 124ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koooralive.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 125ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koooralive.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D22D 26 KB
12 KB 558ms
556ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&adk=3749226152&adf=1197125821&pi=t.aa~a.1279054838~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=-M&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280&nras=2&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AeUfkLhKxI&p=https%3A//koooralive.online&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ae233d4c02af738eed223a94e974fdcb5df4f4b39423234fc3d4501b1f017e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12158
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2ECF 31 KB
12 KB 567ms
566ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1200x90&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=0&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280%2C1100x280&nras=3&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5Ote6YcNyi&p=https%3A//koooralive.online&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fae4846db3a83450b46445e76aebebb6b3ae1d1414e7b117c084a920cb03336f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12485
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BD2A 12 KB
5 KB 137ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 47782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmnne8h27Vm0dT1YaaqgJdANlkorYtKPKVHs%2F4T0aq%2B8CAOIUvaBr4bEzrT14DJl46%2FMExVFJhfQQCXxL3xHAFiUUbWByx3NogbaH3k009Y7l0wvLcx7RbZ0TLGaRAhb%2FjPfa5X%2FYJ375aaP0UhO57nV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 764388bc6f8c8fe8-FRA
expires: Tue, 24 Oct 2023 07:53:04 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BD2A 12 KB
6 KB 53ms
41ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame BD2A 56 KB
56 KB 222ms
139ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame BD2A 58 KB
58 KB 161ms
79ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 11 KB
11 KB 245ms
140ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fc7db8369314c442a8dd94287a8ff8fb8_square.png&v=3&w=196&s=-Aki19GuEeJN4-SCKxoxVMwR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

232a6ac91462da5b10eeab6cd35f3fb33f84f3436184f3cd1f568a7fc0da1152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30308029
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11239
expires: Fri, 20 Oct 2023 02:46:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 15 KB
16 KB 269ms
165ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fda51e5ac-bca4-4e04-b124-d8b94b1c01af_5ce50a16-e115-4399-b636-68b3dfc1c2ac.jpg&v=3&w=400&s=itYMDQzryMxQWduPoyPzWpGq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

123fb80211b4b6bc926df0c11f147eca992eb2b1240a48433f4c5fb1666ba70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=324202
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15782
expires: Mon, 07 Nov 2022 01:56:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 21 KB
21 KB 192ms
87ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F524b8ff7-7e00-4f2b-9c9f-7b0576f48df7_5f1d7cbc-c566-4c1a-a5af-edf8edab0481.jpg&v=3&w=400&s=FYgkPzmkiMGiJ0zr4xlvKuSR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d3dbde236420a80552af4e90a8d2b36640053e3d859d60a41986a3cb92458808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=37458
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21338
expires: Thu, 03 Nov 2022 18:17:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 36 KB
37 KB 181ms
77ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffb253cee-4412-4b44-abdd-22490ca9e469_7400e857-8f62-4983-bd86-be3e80976d75.jpg&v=3&w=400&s=VfZ7xuFrUs2xEwN1qPOw7bOP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

69fb18a7dc78ce9e1b9d6d16f4f4207b25df31581d00066e2120cb97d0919ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1135604
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37248
expires: Wed, 16 Nov 2022 11:19:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 33 KB
33 KB 249ms
145ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F5445feab-d887-4aa1-8434-e33229556016_8932f406-885d-4073-bedf-56860188b5d1.jpg&v=3&w=400&s=iIp4p8Xn-_cgXMlBdmtuy6FB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b6c7cc6a51095d368b2db9f77e7ac4c18cdbb03db2ae72920b9fc693a0ffc7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=525124
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33810
expires: Wed, 09 Nov 2022 09:45:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 13 KB
14 KB 268ms
164ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F082f0a9c-ad55-42a6-9586-d107378e0b84_65d9bc0d-70a3-4070-965b-3338aea2f1e8.jpg&v=3&w=400&s=wTfWu9gylFdzwxRk6zdYWrQ1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

17946ddbec28c0238bec09e6518a43e9f3bd5cd4952568f6cabc7ad668032af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=797148
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13708
expires: Sat, 12 Nov 2022 13:18:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 23 KB
23 KB 128ms
128ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ff3e9bdd0-5ba0-438e-a0c3-99e7c4bc8551_363189c4-d151-4052-85df-a15f89587419.jpg&v=3&w=400&s=7zM5AvkBDwgu_EXau-3DDpLS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

491535f67bae5f72d2a6922ff47df1235af120734be7b45f40ae2d222de0cfbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1134956
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23248
expires: Wed, 16 Nov 2022 11:09:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BD2A 113 KB
113 KB 132ms
132ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F4788d9af40ff4189aa746ac1604a10b0_img_horizontal_1.png&v=3&w=1200&s=SHonKLM5UeY3BOb9iw6K7bLx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31036139
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 115624
expires: Sat, 28 Oct 2023 13:02:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BD2A 0
128 B 142ms
40ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=owN8d6TmVJjb0hV0FAJfR_R8a5BmAsDbczEOnZdcgARktSc3Z9XsWl0YedOhbGXThNWlczyjmTQz-ylQhMmsovIIFXOVOlR_eKq1ZkSrYSxWPnPyHW0_jGM5YjWrHs2dEYmqNtvhL-V8T-U-Zt7yfSTUbO0SC3DKInzcM3tOL64R_jy4Q7Cp8P6Q7m_R5I_2qM7bAFyfypVymA7febGU_SnpuV2LYCDq43ixwmWjTkT-PT6zSQX0JMqw0Mr8JyVAoRlZ2Q&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 03 Nov 2022 07:53:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BD2A 2 KB
1 KB 54ms
53ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BD2A 2 KB
1 KB 49ms
49ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:04 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame CE4B 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 18:48:52 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame 3D09 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:50:24 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:50:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame DBD3 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:50:24 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:50:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 3D09 4 KB
636 B 130ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 06:53:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D09 205 B
229 B 120ms
37ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:01:04 GMT
x-content-type-options: nosniff
age: 24720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Nov 2023 01:01:04 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D09 604 B
628 B 120ms
38ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 04:14:04 GMT
x-content-type-options: nosniff
age: 13140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Nov 2023 04:14:04 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame 3D09 19 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 15:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7963
x-xss-protection: 0
server: cafe
etag: 15183902602499586604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 15:48:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame DBD3 2 KB
765 B 39ms
38ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DBD3 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8Zo7X3NjY4jxJ4nmb5LzpzCc7vicbeLW1-qWELbV39rbMBABINaNyhlglYKmgrAHoAHPsOP-A8gBCakC1tKJI155sD6oAwHIA8sEqgTKAU_QL1Yu9RR_QKLVl6wxMG4-fDRCw3W3zL6jYABPzXUavuJBDwgk50kU7EwBSAwZNwhGMg5aFcxzXorucMAemTl2pzhkoXWmFRpv8hPW8hKdB2YjIxb6_IJxsZAI8fFCGhBdwvxSZSivC447g0klaWBHD32ylPk4UEiOlvdZFpzeMcGb25EAxKaSJDtlRTV7F7rZjxGjJZslAE7YO_YFICEDUQcA2P27zdMZoAxCUKRMXHMFRg1GpyOXYMO8Gzo4CUgPLwBkEQOnrrfABOO64_aDBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeZz5wBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENzNBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTMyMDgyMTQ0MzczNDA5ODcYAA&sigh=OY1MSYRhru8&uach_m=[UACH]&cid=CAQSGwDq26N9XWhBGYQ4jZ0j9Q6PqJSE3Zo_M_OCahgBIA4&template_id=494

Requested by

Host: koooralive.online
URL: https://koooralive.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 07:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame DBD3 23 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:07:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame DBD3 3 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame DBD3 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBD3 153 KB
47 KB 128ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame DBD3 34 KB
14 KB 110ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame DBD3 15 KB
15 KB 158ms
37ms Image
image/png 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTJ-pnfSZx59LnLyVik5i3x7eKeodAnezvfb2WY23O5S54P9y_pjtH1Ke1Rhw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe9cc714cb7cd7056f8e9135d76f23840c1b543d9352df7dde60cda58af838a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:03:32 GMT
x-content-type-options: nosniff
age: 478172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15416
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 09:17:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 28 Oct 2023 19:03:32 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DBD3 20 KB
21 KB 154ms
39ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSMix_zcGJ8zB8svbKrPyxERTjdEwPm0pfl-cHX35pOXBoUHGawmlzQ0jxOfA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0d50ab44eedde2478ae6561176dcef384608de9d6b838e8a74ad179862040d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:23:01 GMT
x-content-type-options: nosniff
age: 484203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20641
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 01:31:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 28 Oct 2023 17:23:01 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame DBD3 18 KB
18 KB 189ms
68ms Image
image/png 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcReqsK-Vabku-aC8SR2R1nT7B7Lpb_2mTBUgxm7l-QR9FxwPA6O4dMm4GQHxQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a39b4c6fc4ecc03be71900984d48ac7934a8bed2380b6d37133f803480cbb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:11:19 GMT
x-content-type-options: nosniff
age: 585705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18489
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 01:37:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 27 Oct 2023 13:11:19 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame DBD3 18 KB
19 KB 142ms
38ms Image
image/png 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTkRqzGFZo5e94Xz3LBS3i8S9Juh49I3bJxK-jUOJWtrHuabGcaWXXWrLh9SDw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9a25d93bc5cb1beb6065ea08d7777a993a150a6706d6e62677852de9bb71b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:52:40 GMT
x-content-type-options: nosniff
age: 586824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18835
x-xss-protection: 0
last-modified: Sat, 26 Feb 2022 02:43:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 27 Oct 2023 12:52:40 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame DBD3 19 KB
19 KB 142ms
39ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQAoXADIiY3KGd-cfxI1cJjdYEwugBYoceFYW1qiJzBRAiKPJd3AhDaU_PI-7E&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a231470177f09c2ef1e66704bc0327312fd4bd6bbad8088dfc1bf9867155fcc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:44:23 GMT
x-content-type-options: nosniff
age: 497321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18995
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 01:04:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 28 Oct 2023 13:44:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame DBD3 3 KB
3 KB 156ms
36ms Image
image/png 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTplU0QKdvP_iA6y6zLjuheGkyKikkIKgpjh6cvslAFAPBE3X8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e63d187e6b3583759db65bbc25a011f6c629eb2d0cc6399331bb88a99f461f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 10:22:05 GMT
x-content-type-options: nosniff
age: 163859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2699
x-xss-protection: 0
last-modified: Thu, 31 Jan 2019 12:49:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 Nov 2023 10:22:05 GMT

GET
DATA 200
OK truncated
/ Frame DBD3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bf97212633b65d3c046b35b597531bc4e9a25c44d16d963662fef6011342e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 44F7 8 KB
895 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 06:53:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 44F7 2 KB
765 B 37ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:50:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 44F7 23 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:07:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 44F7 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 44F7 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44F7 153 KB
47 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 07:53:04 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 44F7 34 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E02F 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9661 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: koooralive.online
URL: https://koooralive.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 18:48:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E02F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

55ms
55ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:05 GMT
expires: Thu, 03 Nov 2022 07:53:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D22D 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&adk=3749226152&adf=1197125821&pi=t.aa~a.1279054838~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=-M&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280&nras=2&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AeUfkLhKxI&p=https%3A//koooralive.online&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D22D 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D22D 0
0 118ms
47ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSr7hR3R_AeItMax_5PPtpEfM8B68Gws3pPWaO-0h9GnXGm4J8cZ9vz-nmvU8r1EfoQ1RVfgvw3YU25kByj_tRYftU6sg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&adk=3749226152&adf=1197125821&pi=t.aa~a.1279054838~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=-M&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280&nras=2&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AeUfkLhKxI&p=https%3A//koooralive.online&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D22D 153 KB
47 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 07:53:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D22D 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTKFtYHNjY_WmKLqfo9kPgZyx0AvJntKxXPXalvdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTDAU_Q_AdSkOceoB5rfA_ZPiabLDN1zxGKie4dUPokcG_0NVVT57Va5edGMqcPZYxkDpIGxksUzYaFSrB80PaUndPyrlsMHm646heHnPKeYDFDXDAf0j9kOsVknUOdRY32YmXy7C0eybIFUIvyEPMuuq2gzwQTY4S3k3iHecRd551M2l0x_GoWKrxyFZvTZB2P-i7fCPWJxQoFvsueSBglMx5gg0JmtDSf8oEi8RnSaG_q9Mvw2MJuVzWbAEYEreJ3bpxOS4AGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzIwODIxNDQzNzM0MDk4NxgA&sigh=APy9PQDEXBo&uach_m=[UACH]&cid=CAQSOwDq26N9aaPllKPSDsVhFFlTplnfkWjlDZxYezDFQBMpPtcDbcYsDrqShaApYDFxLxNr7k6yKgytgyQCGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&adk=3749226152&adf=1197125821&pi=t.aa~a.1279054838~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=-M&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280&nras=2&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AeUfkLhKxI&p=https%3A//koooralive.online&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 07:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame D22D 0
0 170ms
46ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kJCTFMz6RMwImAKdg2ICAgAAAOwFQoYp16K3EGBzY2O9ZlSHf54H8wHuIAASAAA&wp=Y2NzYAAKE3UFKM-6AAxOAd59Wd5OkOmzuGkEKw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 296425
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6A17 133 KB
45 KB 136ms
136ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2NzYAAKE3UFKM-6AAxOAd59Wd5OkOmzuGkEKw&u=%7CEryzPjamggRpXnZY2cmQQNtZOWGaam%2BT1TVb3M%2FqUdE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoCxxkKCLRpS669dkhb0EIObkTuJfFt_rg3sle-BLDFOPOhmesOq3XG3mkSMqiK5ldgxu0QcMwMLIYbUa67WveVketf-bCa0OvMFtQisY4Cv7Gr5tpDnD4ZcxEoqrX2d3lvlVXBmVmu2APF_FJMEy3v9pCGvqrM-W87XzCd_-z-9Af5w_XvOITHE62O3pTeW0jNWtAFE7n0Ekb2mmGePDwB0nO9LBQlqinnHMn16vDjsF65sAgd4kifnJcaC9Uy0r5_fuy-IbaGDvezzAnf2MRyBcqhCxYzvv36B61oHvfq3WPFlLD0nCNAv8Tl5LCsbU63PByEzPnHvQioULZ1S7loEJ6zDTebC6LKtizUC_oT_1_66iPsGfBLqelxZNsjswmK9Z99rL38olYqbj3TDfy0Ta08l_M0V-RLcHiaQoUY0YOCOf7mFGscz_S3nJiz29D8xIdy2IwBMf6XXDiDmm9YDxs02YbeFftMinvTSi1LVuLTv3ai0tcfIHzywqd9TW_A7KAJyCuM2pdt3P8IxuomA4U09vurn2265deiTLrgO6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjIdMYHNjY_WmKLqfo9kPgZyx0AvJntKxXPXalvdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTGAU_Q_AdSkOceoB5rfA_ZPiabLDN1zxGKie4dUPokcG_0NVVT57Va5edGMqcPZYxkDpIGxksUzYaFSrB80PaUndPyrlsMHm646heHnPKeYDFDXDAf0j9kOsVknUOdRY32YmXy7C0eybIFUIvyEPMuuq2gzwQTY4S3k3iHecRd551M2l0x_GoWKrxyFZvTZB2P-i7fCPWJxQoFvsueSBhnMT_yBM36p4sD5iLyzL8qYXvgQsHewEDanwg98vkagfryxBhd9MGITIAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22mFRktJFGL9sIWuMJHa9F00YJ8w%26client%3Dca-pub-3208214437340987%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

27f1adc31ab95c6c20398f3d40f4212c1a6f7389009f67b82a2278e4afb03b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZztwJ6TmVJjb0hV0yIVIJ9X1uRAT9Foe2967nnFTWEv_hCuh4XDfWmljKMMgFkfWHJoiJ9plOJSB8M2RfFpRVCWzvBDMMW_U1QyjCB5l7phOX_Xmoo2OjbxoU94ztIAW3eNTMnZyveVp8N0AB3f-aDFjTaxH-fnC1r6g6RaVuVLXLzQ0wyoWbW911B3mXnM5aMIAFaUPpu0s-viq1jQU6ouIViw2Yht-pSq2O2ddvYQCWLzSepwJ3XIxJafSgJwSIWBYfA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 78817654
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6A3D 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 16:40:17 GMT
etag: 48472445140208031
expires: Thu, 03 Nov 2022 16:40:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E001 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZwPkYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoEwgFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkrJ2l5IaVnQavnIAb0o6KjpiQXwPiIBDeZ5doQQR6YVSOtvUowq-YAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjA4MjE0NDM3MzQwOTg3GAA&sigh=CVu9dQ0oZN4&uach_m=[UACH]&cid=CAQSOwDq26N95VF-6lutGS9OYkX6cZbpEiYN6fJJRzt9f-w_ZnSK7GlpfZ4aHykdR92I6BvJVm0pviaueIMIGAEgEw

Requested by

Host: koooralive.online
URL: https://koooralive.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1200x90&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=0&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280%2C1100x280&nras=3&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5Ote6YcNyi&p=https%3A//koooralive.online&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 07:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E001 0
0 137ms
49ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kbs82k4g563b1735hz5anff7grm5hebm05qv356mdznpc36bax8bw8y3s3b6ta1p0k3steq7qy1gb81yj9bwh6ad2abddrp72jmy0pndnj4vnq08nyj98y4xa5879tf9v0a22hwcw9kp8kx4tbfqcmbv5a8077jk6bpnsa9rbtf0pa1nh5x2xv4wz89k7qxva0ybv5m8e23669kwye5ygzwpzcrtsczmdpn3mjkvhbrn8vq7r01edezwxmgrnkz06v16mz521yx7t2n5snthscevzrnxxap4my719xhhzw0pyskmbxp53v56t62c3t8n52wsvpmy3y8t7eahv4tcse0rhk543d7z3ysq6tr52dk6snw62er68d6p38af76c3wksremhm8bbv4vtwt7wjjkq7grg6cjw&b=Y2NzYAAKH1sDigUOAAlOgOPZvjkNlTSQ3k1mWg
Requested by: Host: koooralive.online
URL: https://koooralive.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Nov 2022 07:53:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0AF9 2 KB
2 KB 148ms
57ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1htkwsj7x509y4j76daabq0sbfenksmh1fzgqez4t3df2fpss7wy006ca4g303ctvds6m56p9aqwt6vm5kpnnx281s7p05rdvves3yq1perap55dv68wt7fc26fggrt4ye7ce8exz9qr2vpzjay9grd6atfzz4vw4jptg5atd05n9xcbw1hwy88s76vfx1zf71ekag61ktwbaf6bzqw69vjxva9n18sw9b26t1vxn1cj4bv8wx8vs5b8nw87zt1ck312e1xyfnyws4psm17v8zm897yv6as36ayg98k3y3zpd8w8nnrytedkw2baebk4201sb2rf0qvtrc5rw60fjnftc7nxs9vfj8djp95hajmyk5mk61h8bps67cya5tqna3p3sa3jpcktw0rcytq9r9a6tqp9mwkt4jcfwsfhyzdhjnke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%26client%3Dca-pub-3208214437340987%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1200x90&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=0&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280%2C1100x280&nras=3&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5Ote6YcNyi&p=https%3A//koooralive.online&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe0cd5ee73ce7df2bbedc771342299d6e3c1b92082f8bc20cdd3a34c2f86968

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 764388c03db09a30-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:05 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame E001 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 385D 1 KB
643 B 41ms
41ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 16:40:17 GMT
etag: 48472445140208031
expires: Thu, 03 Nov 2022 16:40:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame E001 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E001 0
0 100ms
46ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQos7I2yZM3aKg58NxwsQvTghlKOwF32nLdG0c4jWv59Yk5wbEowxeZfuZUsf0pBoAiNxxz_QLTtJmdsUzaNPmMEX7fbA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1200x90&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=0&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280%2C1100x280&nras=3&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5Ote6YcNyi&p=https%3A//koooralive.online&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E001 153 KB
47 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 07:53:05 GMT

GET
DATA 200
OK truncated
/ Frame D22D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1594acd22bc388da0a6607fae8e482b9dbf06e4ca2e49066c6e846fd4f560e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6A3D 35 B
463 B 143ms
43ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGBJO-DXiyvpbgxvlsPt6to&google_cver=1&google_push=AZmPxg81RP_RQOqBSWT9_TaN-a52AxYmmp0Cw6CcdJWOas_h009EN7hAUVu6xO4dQP5iVnzoCTkNAsGmUxWXW3XsLFFch-R2kkp6OK3rgk1Rj8ro8GxNGaX6nPX5c2LUxuKM2HiJHyaON1Fk5pQCZk0xPf8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A3D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJsFU9yMb77wZJ2HNT8zTaE&google_cver=1&google_push=AZmPxg_IzeAxsD0NqrWS0axvIk62kdERdPjewCu8tf839rR4i5vebIT3Izka4rr7hsscTbj8o43hV5p7C3xRtE1w4o0rSaLZ5bY9V...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_IzeAxsD0NqrWS0axvIk62kdERdPjewCu8tf839rR4i5vebIT3Izka4rr7hsscTbj8o43hV5p7C3xRtE1w4o0rSaLZ5bY9VAciKPjNfVeYy80oK4Woam_tKq1FNPPw...

170 B
188 B

126ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_IzeAxsD0NqrWS0axvIk62kdERdPjewCu8tf839rR4i5vebIT3Izka4rr7hsscTbj8o43hV5p7C3xRtE1w4o0rSaLZ5bY9VAciKPjNfVeYy80oK4Woam_tKq1FNPPwg0GJNn2BeqHmCTeCsiGLZ2U&google_hm=Q0FFU0VKc0ZVOXlNYjc3d1pKMkhOVDh6VGFF

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 07:53:04 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_IzeAxsD0NqrWS0axvIk62kdERdPjewCu8tf839rR4i5vebIT3Izka4rr7hsscTbj8o43hV5p7C3xRtE1w4o0rSaLZ5bY9VAciKPjNfVeYy80oK4Woam_tKq1FNPPwg0GJNn2BeqHmCTeCsiGLZ2U&google_hm=Q0FFU0VKc0ZVOXlNYjc3d1pKMkhOVDh6VGFF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 6A3D 43 B
356 B 142ms
48ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAIllWjElO5FDikaBqU2ntk&google_push=AZmPxg_Ktp7ppCN4d_ot2nc1LYCtleDBJzrHSuLdA1qlpjMirLW2Tiq5AqH_lr8RqpQ9TykWcBiC6l3Mlt1bP2rPEa4yR6HuC_6_K4T56_CwRekPYGW6HpEOMHns111xmR0YjXtRhMq0M6MCwWZrfl-jztw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&adk=3749226152&adf=1197125821&pi=t.aa~a.1279054838~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=-M&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280&nras=2&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AeUfkLhKxI&p=https%3A//koooralive.online&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6A3D 43 B
350 B 132ms
45ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH5vrgNnaJc1Ju3z_nFEjmU&google_cver=1&google_push=AZmPxg-CKnezdns148XmMZqLQIq0v01r1XP8SnNcSK9F3Y0HIBce4JG1hRb7ES5GVmsim3MZxRHXQ7b_iZQkvGLWfN-WmJaZTfrLbvEAoVHlKdN-0QCW3PrZyZUB4XcIpwXB-otJqZyLHnu906gsnLd9UbM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&adk=3749226152&adf=1197125821&pi=t.aa~a.1279054838~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1100x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=-M&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280&nras=2&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AeUfkLhKxI&p=https%3A//koooralive.online&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5mrj3ipu6lsjo70b0939t2sh6ot3hdhu

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A3D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XXeenu3rRMeOqdzDf3qPYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

115ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XXeenu3rRMeOqdzDf3qPYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-cLToXZRatexeBbBghE0r_gZvWlrJ6lufLzz6lQ6ZH-kVUJcdElWn3t_6E6N05GG3I_08TFJI0VVZGsBFbop1f0IdNxU6fr-IFjaC6ybaMEQDi1x1lAUV8oQZKKBRxOCDhjj7pwm-QUlLPTbQdg4Q

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XXeenu3rRMeOqdzDf3qPYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-cLToXZRatexeBbBghE0r_gZvWlrJ6lufLzz6lQ6ZH-kVUJcdElWn3t_6E6N05GG3I_08TFJI0VVZGsBFbop1f0IdNxU6fr-IFjaC6ybaMEQDi1x1lAUV8oQZKKBRxOCDhjj7pwm-QUlLPTbQdg4Q
date: Thu, 03 Nov 2022 07:53:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A3D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfgbVLjpaKTOSgCVdq8aPg&google_cver=1&google_push=AZmPxg-bGaGDYYfILwXSRbHrw4oZJ_GS8Ae3B0Y3bQOT2x8GeCoQ5ubBuPpeaClSdZg_G3XTNmG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0ctMU8tRzlRWg==&google_push=AZmPxg-bGaGDYYfILwXSRbHrw4oZJ_GS8Ae3B0Y3bQOT2x8GeCoQ5ubBuPpeaClSdZg_G3XTNmGHe8r05f1kvQQA5kKVgXJEi2rY1...

170 B
188 B

104ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0ctMU8tRzlRWg==&google_push=AZmPxg-bGaGDYYfILwXSRbHrw4oZJ_GS8Ae3B0Y3bQOT2x8GeCoQ5ubBuPpeaClSdZg_G3XTNmGHe8r05f1kvQQA5kKVgXJEi2rY1cWalGvqfFcuUhywn4XtrJWSJBwH424ajT889MU6VCkO2v_8GtPtPA

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0ctMU8tRzlRWg==&google_push=AZmPxg-bGaGDYYfILwXSRbHrw4oZJ_GS8Ae3B0Y3bQOT2x8GeCoQ5ubBuPpeaClSdZg_G3XTNmGHe8r05f1kvQQA5kKVgXJEi2rY1cWalGvqfFcuUhywn4XtrJWSJBwH424ajT889MU6VCkO2v_8GtPtPA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A3D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYewl7inITWyYhRhclQAABFIAAAIB&google_nid=index&google_push=AZmPxg85NjudibKCUmF2ORc4GF_vO5gzTF2oM...

170 B
188 B

50ms
47ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYewl7inITWyYhRhclQAABFIAAAIB&google_nid=index&google_push=AZmPxg85NjudibKCUmF2ORc4GF_vO5gzTF2oMYdfe6q9ley8gYkQWgOJQRNRtZktfimEbFBkT2eSNHIF5z470tSNxg7izV5ZTCfHyVQYzKJbE5OHL0vCUc3oNVn8ccppfVQW6S3mupcpwCR7t98njow5fQ

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKJeZEHl11Mz5sDibCEwRdWXg7ol1nbi7Pln%2FVAlAS90QROF3dKmWm4FtmUEstEQ61KnQ0QeYUhw4KtzSCUIQg8Hzaa9cKEQc3fGnJVGCgigQM4K3DcztTKcbCFJSLoIy%2BJ7iaewbJc1hw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYewl7inITWyYhRhclQAABFIAAAIB&google_nid=index&google_push=AZmPxg85NjudibKCUmF2ORc4GF_vO5gzTF2oMYdfe6q9ley8gYkQWgOJQRNRtZktfimEbFBkT2eSNHIF5z470tSNxg7izV5ZTCfHyVQYzKJbE5OHL0vCUc3oNVn8ccppfVQW6S3mupcpwCR7t98njow5fQ
cache-control: no-cache
cf-ray: 764388c13a766931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6A3D 0
40 B 152ms
46ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpN_JgGp6_ZhVdBjXhFeSaiSoiPKIvqh0nYulbvQ8XRVoiIbAA-v86OXce13FO0evm8bIy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E001 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae603c4afd319583f9d6be914622c1b1889c5b1e16825c8e63f03eeacbb630e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 385D 35 B
464 B 99ms
41ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGBJO-DXiyvpbgxvlsPt6to&google_cver=1&google_push=AZmPxg9J0jHhwGRHnbszGMCop9QGBKTT0P5uR5h3SGQHiw-UopBYzRVm3SyWyGGX3nVQ0GvQGU6Bh6K1hAikXuD14n0w1NGVZoFL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 385D 0
98 B 148ms
46ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-9XrOTFoUSx4BA_gavaLR3A6MycYlIK6zGNmB1padwM42Kb9wlUUfz91f3nPE5_NaW5xquqpxkJFAyZUKqWG-VQ-kHiCd7&google_gid=CAESEKDGb7W6ZTist15-P7xHKaU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1200x90&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=0&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280%2C1100x280&nras=3&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5Ote6YcNyi&p=https%3A//koooralive.online&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 385D 43 B
135 B 91ms
46ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH5vrgNnaJc1Ju3z_nFEjmU&google_cver=1&google_push=AZmPxg8SHMTXWTmgrxjwAlqwoMIIbwIeKMBmH8q7cI6Fnwloh4L0jqypSTqPz6t1S7Y-0BN2TB90i4QxifTUyhfjA398xgyaZyvT
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1667461984&rafmt=1&to=qs&pwprc=5447210825&format=1200x90&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461984570&bpp=1&bdt=1699&idt=0&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19f8966d3abd8255-22891d5065ce000a%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ&gpic=UID%3D00000b7bc8b5c06f%3AT%3D1667461983%3ART%3D1667461983%3AS%3DALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g&prev_fmts=0x0%2C1200x280%2C1100x280%2C1100x280&nras=3&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&psts=APxP-9Bg59bq0Nak8FOq_SrdgLruRUnUrl-Hq7jJQeHBZO2oH8DPjXf-jqRe_CO5XUDTPCs8F7ZvZHxNbTG5PGg%2CAPxP-9AEO5505CcyrbBQSRqhvP0TAS7dpUvuXzbXCZaOoNaw4MkTZG9Mcn112lPmNMkRFSFnl-Mr_-tAzJw&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5Ote6YcNyi&p=https%3A//koooralive.online&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: unqa97qnlr9hm41n5020vpo2e67vdiu4

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 385D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQg9DCo0QuucYqHfv1k2ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

115ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQg9DCo0QuucYqHfv1k2ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8Obuh6iRMk87BjxRSz9HLhlAxM7z_wcmEf1FajP88-RPea2-nqhBc2A66ojase9Q1hYhmjJe8MkofcEuatGNRcNLIoFn3C

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQg9DCo0QuucYqHfv1k2ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8Obuh6iRMk87BjxRSz9HLhlAxM7z_wcmEf1FajP88-RPea2-nqhBc2A66ojase9Q1hYhmjJe8MkofcEuatGNRcNLIoFn3C
date: Thu, 03 Nov 2022 07:53:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 385D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfgbVLjpaKTOSgCVdq8aPg&google_cver=1&google_push=AZmPxg-GYojN5UXzPZ3J_4Tw_oE5ReVOXuBY6-37p3qYkAlm3cIo56vCTtPP0Ai2XyJce0vgcoK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0gtUS1LN04x&google_push=AZmPxg-GYojN5UXzPZ3J_4Tw_oE5ReVOXuBY6-37p3qYkAlm3cIo56vCTtPP0Ai2XyJce0vgcoKiSZkJM8Itx130lwj_st8aMvQ

170 B
188 B

105ms
50ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0gtUS1LN04x&google_push=AZmPxg-GYojN5UXzPZ3J_4Tw_oE5ReVOXuBY6-37p3qYkAlm3cIo56vCTtPP0Ai2XyJce0vgcoKiSZkJM8Itx130lwj_st8aMvQ

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwUlRBQ0gtUS1LN04x&google_push=AZmPxg-GYojN5UXzPZ3J_4Tw_oE5ReVOXuBY6-37p3qYkAlm3cIo56vCTtPP0Ai2XyJce0vgcoKiSZkJM8Itx130lwj_st8aMvQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 385D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYUTgYVH__WpALPGFnAAABGQAAAIB&google_nid=index&google_push=AZmPxg-5v4NPgIK1zTT2Y1ddhGM5Lo2xyTe2x...

170 B
188 B

51ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYUTgYVH__WpALPGFnAAABGQAAAIB&google_nid=index&google_push=AZmPxg-5v4NPgIK1zTT2Y1ddhGM5Lo2xyTe2xpaLgzXA3qUGwLaHtFbvb10Renxs7Y6p5_cA8ZSPVWghx0QpJPsA7W2HETHRJkzd

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9zXXNMjNGROLUX2x19Qbd3Rkjyf9vutHVOiPNW1Zrpe8C3gFMxpTYtAbkI%2FXJkv24z2KcEyBjwcvFogom%2BRjP0lOujPwck7MfXYqojfDZAA38Lw0uMrsLZUrHQ2insbFJLYLLRqDDp%2BQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdpLUPDBJ3HKgFc2_4OKWw&google_hm=Y2NzYUTgYVH__WpALPGFnAAABGQAAAIB&google_nid=index&google_push=AZmPxg-5v4NPgIK1zTT2Y1ddhGM5Lo2xyTe2xpaLgzXA3qUGwLaHtFbvb10Renxs7Y6p5_cA8ZSPVWghx0QpJPsA7W2HETHRJkzd
cache-control: no-cache
cf-ray: 764388c13a796931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 385D 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 385D 0
232 B 108ms
45ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iz9KdXgc9jnQ65VCzSrSFo0BtAE23MMnM4IMwWij5BYUrzZtHoxZOkWSPze4cf0BvHJz8hSg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6A17 2 KB
1 KB 45ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2NzYAAKE3UFKM-6AAxOAd59Wd5OkOmzuGkEKw&u=%7CEryzPjamggRpXnZY2cmQQNtZOWGaam%2BT1TVb3M%2FqUdE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoCxxkKCLRpS669dkhb0EIObkTuJfFt_rg3sle-BLDFOPOhmesOq3XG3mkSMqiK5ldgxu0QcMwMLIYbUa67WveVketf-bCa0OvMFtQisY4Cv7Gr5tpDnD4ZcxEoqrX2d3lvlVXBmVmu2APF_FJMEy3v9pCGvqrM-W87XzCd_-z-9Af5w_XvOITHE62O3pTeW0jNWtAFE7n0Ekb2mmGePDwB0nO9LBQlqinnHMn16vDjsF65sAgd4kifnJcaC9Uy0r5_fuy-IbaGDvezzAnf2MRyBcqhCxYzvv36B61oHvfq3WPFlLD0nCNAv8Tl5LCsbU63PByEzPnHvQioULZ1S7loEJ6zDTebC6LKtizUC_oT_1_66iPsGfBLqelxZNsjswmK9Z99rL38olYqbj3TDfy0Ta08l_M0V-RLcHiaQoUY0YOCOf7mFGscz_S3nJiz29D8xIdy2IwBMf6XXDiDmm9YDxs02YbeFftMinvTSi1LVuLTv3ai0tcfIHzywqd9TW_A7KAJyCuM2pdt3P8IxuomA4U09vurn2265deiTLrgO6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjIdMYHNjY_WmKLqfo9kPgZyx0AvJntKxXPXalvdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTGAU_Q_AdSkOceoB5rfA_ZPiabLDN1zxGKie4dUPokcG_0NVVT57Va5edGMqcPZYxkDpIGxksUzYaFSrB80PaUndPyrlsMHm646heHnPKeYDFDXDAf0j9kOsVknUOdRY32YmXy7C0eybIFUIvyEPMuuq2gzwQTY4S3k3iHecRd551M2l0x_GoWKrxyFZvTZB2P-i7fCPWJxQoFvsueSBhnMT_yBM36p4sD5iLyzL8qYXvgQsHewEDanwg98vkagfryxBhd9MGITIAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22mFRktJFGL9sIWuMJHa9F00YJ8w%26client%3Dca-pub-3208214437340987%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6A17 2 KB
1 KB 44ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6A17 308 B
636 B 42ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 29 Oct 2023 07:53:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6A17 293 B
621 B 46ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 29 Oct 2023 07:53:05 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 6A17 43 B
347 B 44ms
44ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LTEfsiB1GfGKclueEhCYwN_E1njfdnB37lwUy42gH1qSd5qIeLA6O5PtFMP-PvtvUeBVCFWsMR4t-_DyhYuRY38YTJkf61KIwuwUDzwPc8zqCkFnVkSnDlDWtsM7v44Y-tjIfXOSfOfzTLQU01QIWXGSbjwq6jLmsjtTInYQYx-7AJFgWhWP6KqvPvk7qO7NVX1Ye-L3YgQ-EGozNpUJUP_Fl0ez1d2wZ3zxXpPX1dQGrHmQMOct-2ikRmmWKJ2IPeFJN1sxUW-kpE0WGeZexA4JdivG8pkPmUKRu2B5-gMGXH0KCpasGXFUjeqo1zOQiiUKUfrZw0JTTVSk9BC-rQEDiJWusnALB2q2fzV-9s76IWHW0dgHmosC9n6EHB_Sw0IJgqEchrpUco6E8lVG8x1v13JAKlT1B0CORTFhUdc-7tl0uZbplIoNqAjXAAJKkrQuOQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2962663
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6A17 44 B
750 B 282ms
144ms Image
image/gif 2600:9000:21f3:2000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1667461985
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2NzYAAKE3UFKM-6AAxOAd59Wd5OkOmzuGkEKw&u=%7CEryzPjamggRpXnZY2cmQQNtZOWGaam%2BT1TVb3M%2FqUdE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoCxxkKCLRpS669dkhb0EIObkTuJfFt_rg3sle-BLDFOPOhmesOq3XG3mkSMqiK5ldgxu0QcMwMLIYbUa67WveVketf-bCa0OvMFtQisY4Cv7Gr5tpDnD4ZcxEoqrX2d3lvlVXBmVmu2APF_FJMEy3v9pCGvqrM-W87XzCd_-z-9Af5w_XvOITHE62O3pTeW0jNWtAFE7n0Ekb2mmGePDwB0nO9LBQlqinnHMn16vDjsF65sAgd4kifnJcaC9Uy0r5_fuy-IbaGDvezzAnf2MRyBcqhCxYzvv36B61oHvfq3WPFlLD0nCNAv8Tl5LCsbU63PByEzPnHvQioULZ1S7loEJ6zDTebC6LKtizUC_oT_1_66iPsGfBLqelxZNsjswmK9Z99rL38olYqbj3TDfy0Ta08l_M0V-RLcHiaQoUY0YOCOf7mFGscz_S3nJiz29D8xIdy2IwBMf6XXDiDmm9YDxs02YbeFftMinvTSi1LVuLTv3ai0tcfIHzywqd9TW_A7KAJyCuM2pdt3P8IxuomA4U09vurn2265deiTLrgO6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjIdMYHNjY_WmKLqfo9kPgZyx0AvJntKxXPXalvdwwI23ARABIABglYKmgrAHggEXY2EtcHViLTMyMDgyMTQ0MzczNDA5ODfIAQmpAtbSiSNeebA-qAMBqgTGAU_Q_AdSkOceoB5rfA_ZPiabLDN1zxGKie4dUPokcG_0NVVT57Va5edGMqcPZYxkDpIGxksUzYaFSrB80PaUndPyrlsMHm646heHnPKeYDFDXDAf0j9kOsVknUOdRY32YmXy7C0eybIFUIvyEPMuuq2gzwQTY4S3k3iHecRd551M2l0x_GoWKrxyFZvTZB2P-i7fCPWJxQoFvsueSBhnMT_yBM36p4sD5iLyzL8qYXvgQsHewEDanwg98vkagfryxBhd9MGITIAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22mFRktJFGL9sIWuMJHa9F00YJ8w%26client%3Dca-pub-3208214437340987%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: lp2qdtTH5H91ii8JsBJ4JRBQHrA2R92nkgLtnS74m-eoRG2VQqnpdg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 0AF9 89 KB
11 KB 104ms
57ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htkwsj7x509y4j76daabq0sbfenksmh1fzgqez4t3df2fpss7wy006ca4g303ctvds6m56p9aqwt6vm5kpnnx281s7p05rdvves3yq1perap55dv68wt7fc26fggrt4ye7ce8exz9qr2vpzjay9grd6atfzz4vw4jptg5atd05n9xcbw1hwy88s76vfx1zf71ekag61ktwbaf6bzqw69vjxva9n18sw9b26t1vxn1cj4bv8wx8vs5b8nw87zt1ck312e1xyfnyws4psm17v8zm897yv6as36ayg98k3y3zpd8w8nnrytedkw2baebk4201sb2rf0qvtrc5rw60fjnftc7nxs9vfj8djp95hajmyk5mk61h8bps67cya5tqna3p3sa3jpcktw0rcytq9r9a6tqp9mwkt4jcfwsfhyzdhjnke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%26client%3Dca-pub-3208214437340987%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1htkwsj7x509y4j76daabq0sbfenksmh1fzgqez4t3df2fpss7wy006ca4g303ctvds6m56p9aqwt6vm5kpnnx281s7p05rdvves3yq1perap55dv68wt7fc26fggrt4ye7ce8exz9qr2vpzjay9grd6atfzz4vw4jptg5atd05n9xcbw1hwy88s76vfx1zf71ekag61ktwbaf6bzqw69vjxva9n18sw9b26t1vxn1cj4bv8wx8vs5b8nw87zt1ck312e1xyfnyws4psm17v8zm897yv6as36ayg98k3y3zpd8w8nnrytedkw2baebk4201sb2rf0qvtrc5rw60fjnftc7nxs9vfj8djp95hajmyk5mk61h8bps67cya5tqna3p3sa3jpcktw0rcytq9r9a6tqp9mwkt4jcfwsfhyzdhjnke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%26client%3Dca-pub-3208214437340987%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 52044
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 764388c0ebeabb8c-FRA
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0AF9 36 KB
12 KB 60ms
50ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htkwsj7x509y4j76daabq0sbfenksmh1fzgqez4t3df2fpss7wy006ca4g303ctvds6m56p9aqwt6vm5kpnnx281s7p05rdvves3yq1perap55dv68wt7fc26fggrt4ye7ce8exz9qr2vpzjay9grd6atfzz4vw4jptg5atd05n9xcbw1hwy88s76vfx1zf71ekag61ktwbaf6bzqw69vjxva9n18sw9b26t1vxn1cj4bv8wx8vs5b8nw87zt1ck312e1xyfnyws4psm17v8zm897yv6as36ayg98k3y3zpd8w8nnrytedkw2baebk4201sb2rf0qvtrc5rw60fjnftc7nxs9vfj8djp95hajmyk5mk61h8bps67cya5tqna3p3sa3jpcktw0rcytq9r9a6tqp9mwkt4jcfwsfhyzdhjnke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%26client%3Dca-pub-3208214437340987%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162782
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47UT%2Bu6HNsAnF5%2Bn6womOP6cmRvYAnp5Yn8xW3%2FAFOJqtLwI2%2BADIMSFeXSYzB7rI4N4DpOb0rp62OeRk%2BENd0jypjnPXuriRUoNsAVuljIalcFJfmSSSMNEkn0AtNj2LRjyiyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 764388c0ae999a30-FRA
expires: Tue, 25 Oct 2022 10:40:09 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6A17 12 KB
6 KB 46ms
44ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6A17 2 KB
2 KB 56ms
50ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=94550
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 04 Nov 2022 10:08:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6A17 1 KB
2 KB 57ms
50ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Ing-h-c-F-Porsche-AG-DE.gif%3Feb%3D1&v=3&w=800&s=3BfJpB0GxMa8jPBnvLVcEXRw&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2ea4753c508a2bc6bfa07a7c78f8bd88730aed18049df29c9d84e4c902755cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2276243
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1380
expires: Tue, 29 Nov 2022 16:10:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6A17 0
127 B 47ms
41ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ZztwJ6TmVJjb0hV0yIVIJ9X1uRAT9Foe2967nnFTWEv_hCuh4XDfWmljKMMgFkfWHJoiJ9plOJSB8M2RfFpRVCWzvBDMMW_U1QyjCB5l7phOX_Xmoo2OjbxoU94ztIAW3eNTMnZyveVp8N0AB3f-aDFjTaxH-fnC1r6g6RaVuVLXLzQ0wyoWbW911B3mXnM5aMIAFaUPpu0s-viq1jQU6ouIViw2Yht-pSq2O2ddvYQCWLzSepwJ3XIxJafSgJwSIWBYfA&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6A17 2 KB
1 KB 52ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6A17 2 KB
1 KB 44ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 07:53:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88EC 42 B
64 B 155ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWARQP9BXgMObzl2ZcmPue5nRijptIX-5p7cTEZPHfqbuJPQS0AiBzmCxCaiLMiUg5nV7Uoxxvo6Zbn23f2t-C6cw&sig=Cg0ArKJSzLPyCc9PQxATEAE&id=lidar2&mcvt=1004&p=0,0,280,1200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3748555641&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667461983539&rpt=937&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0AF9 3 KB
4 KB 146ms
48ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24366267
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaZHYe4Dxhql1FYuhwfWUuLV0yadI7AwicV3zTA%2F2EdnsDanDJZcMxRVDicwe7SG7orJcNSTAILLCQYYaVHgQ%2BFK52%2FXRRzVXrQ5Fh2fdb%2F3L4SFS%2BIsMF182%2FbeUpMz9GQxJMhF3H8GytpIWmbNgZ5D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 764388c20913bbce-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame A208 2 KB
1 KB 56ms
53ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 647272
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 764388c17d17bb8c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 03 Nov 2022 07:53:05 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erqeQpSwHL5IRk9pBFxMc3eM5yJzMDIqmQI0is5HLfq1doD6OD%2BJFDttREH%2FnUE7uGDQgXQLWEzOncdkC1MeZyNNg%2FR16JON0YOJdI%2B320uT%2BUjBRiNKJ6jJVkrLDu5i63Qkak8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 0AF9 1 KB
2 KB 67ms
66ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4995c5f56057788315622ddddb8700b604556edacd85ad46fced9636131d75

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc0qoBSGj%2F8UsKzr%2BNzcop06OK8z1LVuJwO%2FjUcSVXm1f9w4SoqoNL516azA7LojuYi25B3SL9pHnNBZceaWRgujOJ9FuPTBEnvuuQHei5eQUJREXOz18kGe7524TxvfTA90qTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 764388c29b629b4f-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 100ms
59ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 764388c23ab19b4f-FRA
content-length: 24
content-type: text/plain
date: Thu, 03 Nov 2022 07:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbZt4BOgiRDOV%2BHpdjcMPu1tM05ej83zqd14HdgT0y5vhAbHU6mrvvb7gBN%2Fb3SGmk9J7iXF%2FyIlgSOBEEpW61ZSSypjT6vQOsCj9FXFv6j7OGWpJEtujQw%2Ber%2B2EkV2s8XKP50%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68dd552727cf9933dca0f9a8e3efdcd1b0639ba3fe1cb47eb3b668ecfee39de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11270
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame BD2A 0
127 B 41ms
41ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 07:53:05 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E986 11 KB
5 KB 73ms
72ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68913ba2c9f9c5ae6934d892c44ef91935c24bad121cd726516d013165be52a8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1htkwsj7x509y4j76daabq0sbfenksmh1fzgqez4t3df2fpss7wy006ca4g303ctvds6m56p9aqwt6vm5kpnnx281s7p05rdvves3yq1perap55dv68wt7fc26fggrt4ye7ce8exz9qr2vpzjay9grd6atfzz4vw4jptg5atd05n9xcbw1hwy88s76vfx1zf71ekag61ktwbaf6bzqw69vjxva9n18sw9b26t1vxn1cj4bv8wx8vs5b8nw87zt1ck312e1xyfnyws4psm17v8zm897yv6as36ayg98k3y3zpd8w8nnrytedkw2baebk4201sb2rf0qvtrc5rw60fjnftc7nxs9vfj8djp95hajmyk5mk61h8bps67cya5tqna3p3sa3jpcktw0rcytq9r9a6tqp9mwkt4jcfwsfhyzdhjnke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%26client%3Dca-pub-3208214437340987%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 764388c3180abb8c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:05 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E9F 13 KB
5 KB 39ms
37ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:44:43 GMT
expires: Fri, 03 Nov 2023 07:44:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D5C 783 B
533 B 142ms
58ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94e993204b6f2bea826b433977da0f253eff2b438da10fe34dc74404bb4a3245

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0KcbHIvn4i9cKcqDNpcbmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koooralive.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-0KcbHIvn4i9cKcqDNpcbmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 07:53:05 GMT
expires: Thu, 03 Nov 2022 07:53:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E9F 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 18:48:52 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame E986 89 KB
11 KB 56ms
50ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 52044
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 764388c3a92dbb8c-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame E986 8 KB
9 KB 104ms
87ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2124791
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJwMSkIQL%2B5%2Fqkum%2B%2FBR2d6gDhZpP4HqcxQCFv35ILwH4a0Cvq0QhgsuPgNoYQiERNYiTWurZCB%2BPV9C7cEnmO7jG5xKF1LtMc64hxW4IvG8er8v%2BVBxOP2UvAn71ZaskowZnx42gQxgIbo0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 764388c3bbef9a30-FRA
expires: Fri, 04 Nov 2022 07:53:05 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame E986 93 KB
94 KB 104ms
91ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1260088
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D13yr7P%2BHDKfmny3GdCFxX1nzqK%2B0Vq88Uoe72IPAvuBkT4gMqCsabZT8TmiTd8Jrhl0dDr7wHT%2FfOx9asXOccGJupm2wZtW4TbeY4b8orn%2BY0UFWpYUmpIGK%2F98ZpOfCPWavo4QL6LoLjmj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 764388c3bbf39a30-FRA
expires: Fri, 04 Nov 2022 07:53:05 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame E986
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CN6F5_rDkfsCFYnuuwgduoIH3w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667461986_8d25cbe0-5b4c-11ed-89a3-223851067267

0
517 B

135ms
39ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667461986_8d25cbe0-5b4c-11ed-89a3-223851067267
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 07:53:05 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 03 Nov 2022 07:53:06 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667461986_8d25cbe0-5b4c-11ed-89a3-223851067267
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E986 18 KB
19 KB 101ms
89ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 735306
cf-polished: origFmt=png, origSize=35453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTDsfrhRR8e8iB5kLIvCN6M%2BJddG8lHWENzRSsWFDqQIcuWJ2xjRR5rnPGj288r69vvHr0DuHyXsZhp%2FcckCo0WbWIXA%2FG1m6aYQX3S25%2FQ6jovCCFEKu%2FmBImQYf6xfMj7Z2VbBRQ7QVZNF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 764388c3bbf59a30-FRA
expires: Fri, 04 Nov 2022 07:53:05 GMT

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame E986 9 KB
9 KB 102ms
91ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1169750
cf-polished: qual=85, origFmt=jpeg, origSize=83479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Byxmo5vHrY83NYCaJzcKIIfNWlbwDdIiiSY0wNkbLkYRtAaf%2BQtRgxNa14aiOjNtrQBFB1KSG%2Bbwq6R5dwaqx54q5AuULqizMo9GjmbNXJiGhqB0Kdt%2FQE5diPCpoe9ZIbdHsV5Hd2fnbtKU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 764388c3bbf89a30-FRA
expires: Fri, 04 Nov 2022 07:53:05 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E986 43 B
704 B 204ms
107ms Image
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1oneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 07:53:06 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame E986 127 KB
128 KB 64ms
52ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1259578
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0Xmt5Ckn1sU2f1iQ6PJBe%2BFeah%2B5z6Txx68fJ%2FLwKZNBQVE2BTYKDd7PXi2vr%2Fn4zcVHt750j1aCQdTBiyYHwT6IjFw5Od4b9jx3x7mfbtKS039Yu6PyMryNAvFMO9B1PoQA1%2FIjms6eC8i"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 764388c3bbe89a30-FRA
expires: Fri, 04 Nov 2022 07:53:05 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame E986 461 KB
462 KB 102ms
91ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2459621
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK6mluZqY2RxyET9wedfNn3LklKerFzqTnl57AuxBoNb00xbiDtkVJ00LZ0gMKLZMZgl7%2F2chp9ecgkef%2FqGQ9gVgJ0QQixCFF1iq84Y07TvdK9YUB3xx91mRIOFcyH2ECflaF%2F2C%2BC4%2BHyW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 764388c3bbed9a30-FRA
expires: Fri, 04 Nov 2022 07:53:05 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame E986 1 KB
2 KB 214ms
92ms Script
text/html 3.10.106.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j30apnfj7p4q6qa3xx3d9qktcyy192yrxrs85325xew585x4qd492yz2q28bkns1n2yd1ncc3xb82eg3ezqqgkmadbj5exa456cp9zchfq3y97bvenq8ghhg6e8a06c0amw7mb8yw5wgv071jn3pa6z83tfxtk20w6vnj6zq67r829n2v2dnx5j5fbjp1akdp4jtzd2f6z6vcgbdp57gj1dtyvm59wtbfkv7d9x7fv8j0hfwwv69h6kmr5jp1zw3fpze%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%252526client%25253Dca-pub-3208214437340987%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.106.59 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-106-59.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: d07e0ec0c986bf8e1c7904fed3d2b82c262fb5aa4416d9d0364b46f8cb072c55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:06 GMT
last-modified: Thu, 03 Nov 2022 07:53:06 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 03 Nov 2022 07:54:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D5C 0
0 70ms
70ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=365543914198539&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8E9F 0
10 B 48ms
47ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UiSwDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBD3 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEI14ZzJWYYoWkRSMmvE9qhxEeJwUvIK3VRNbsex3g-yuxK3ccL-YoFQEDeD2njVjUnPK1DBOf-XUCctDrVZdjMfcdopNwrlFFVnsL6ImPQQxo92or-JaePKRUnsQjwVLYDvlamA&sai=AMfl-YSjKp0ogIJm04PXqUawEXKOuS-ZJQJOEiQN7f6RlKG_w4Htv7wK__b-PsNzpINqwG9-Om2oDqXyY6gy85A&sig=Cg0ArKJSzCXkMIQU9uvYEAE&cid=CAQSGwDq26N9XWhBGYQ4jZ0j9Q6PqJSE3Zo_M_OCahgBIA4&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=109,794,1001,1101,1101&tos=109,685,207,100,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667461984693&rpt=316&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 07:53:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E986 85 KB
31 KB 164ms
43ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j30apnfj7p4q6qa3xx3d9qktcyy192yrxrs85325xew585x4qd492yz2q28bkns1n2yd1ncc3xb82eg3ezqqgkmadbj5exa456cp9zchfq3y97bvenq8ghhg6e8a06c0amw7mb8yw5wgv071jn3pa6z83tfxtk20w6vnj6zq67r829n2v2dnx5j5fbjp1akdp4jtzd2f6z6vcgbdp57gj1dtyvm59wtbfkv7d9x7fv8j0hfwwv69h6kmr5jp1zw3fpze%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%252526client%25253Dca-pub-3208214437340987%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 07:54:51 GMT
content-encoding: gzip
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 86296
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dRLkFQGNnYuU1i34qApzrg2g0ZWLvjwsVs59OOqmuVh63TL8E8pWaw==

GET
H2 200 link.html
track.webgains.com/ Frame E986 48 KB
49 KB 148ms
148ms Image
image/gif 3.10.106.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=728&d=90&e=&g=4ff3e67606dca59b0cae6def1fe5e7ab%2F14076010707282378480&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667461985718&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcmk015qz1795p21m2bcf20f3mp53vdwhqv5askhydyym8ckqz2ex4c13p8qg48jnb99vdccwyw5qs8x3fd70cs45pdt475j2n556pyj2xjpnq6mksed27675xng19bn8f2wke5jv2r6dnxntysjvn40paghwe25mh6tds2dsgbbr9whhe7pjw5njgxe8cfm03qzrep941m1s31marewxpfk6s2c1scp6jbwtvp7wr0hb93gc1yhksfpnv4akvzvs46h2v0p1wn3ymg4f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEvZLYHNjY9u-KI6KqMwPgJ2l2AmQ4YGEXLaoworwAsCNtwEQASAAYJWCpoKwB4IBF2NhLXB1Yi0zMjA4MjE0NDM3MzQwOTg3yAEJqQLW0okjXnmwPqgDAaoExQFP0OEE2QrWi_PGN8oFoozVKOuEIW-Ce37VwKn9kqKcpjqRE7uUTv6lWhJ6GjnCkDYoMNB-7Yf6VICv0MC1y38rzTSngKcAodzINkJY7Oggl7svuMHKg0uR7xATSqeB8i715IXzNKxr3Y9qkKfUJN8ehLg77v6KxDZ8xjmh1u-7NIef_OJmLVs-PQkMzNusUrDaKWa8fYpmKH-0jkqL2H_avqBXKjFPSSvyoTobsBH6kygvFTv5tM2CvzILZPO6jhNqMaM6ZIAGysqOqf2VhrB5oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31pCe7AgEa_0jl3BQisS6OrKlX5w%2526client%253Dca-pub-3208214437340987%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.106.59 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-106-59.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:53:06 GMT
last-modified: Thu, 03 Nov 2022 07:53:06 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 03 Nov 2022 07:54:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=365543914198539&bg=!b2ylbCjNAAZPh4lnb4c7ACkAdvg8WpNZpiepqTy1oa1lrDk5-V2zJ1NhrtBp0XGvfP4YojaZNY-p1wIAAAB8UgAAAAJoAQcKAF0UUuI1jqJ3K4G_-kZ0Yn-zKNF9C9hz1u97a2em5n-SDVPghO8SIKoo80uWDRgBFx-lkziI-vw5XLsNft1jy81LSpQEIdg1JgaWbzIpkpjoaNuBqHfJb3bFTOpO9ymZArJFIhax8xnwnYy22ALyEbnKydKsbDMMr9hNz2mBB4LEQ6JFXWU3Q2-LVlnqQWdJTkJ34cIVYh7sx0EECLOphrmtTxybbJ3dzU2vyp6VWHHAAaHnE-gsoJJhYE4z4Qrl8iXFwtqqeYJOqECQhVpZ4GAT5YQINTsHBF8GGBzJW3dkkFQ1fCHYkZqyyVA8nF5gGK1s4WXIkEkLdVwytTpOOa9Ob1yP-RNpuA3xI0gcOmmeB-MO415Ws90jrCUo10KllWYBWepgp4UhOe45W1Di2LY3Tyf1JLi32j7aIHkrFyOlPeutcxUmghCo-nHrBaGoS9Z6h6e5YND2B6YSq_LDwoR0w_yD0shnEFlx48fUQwR2txkjc8M9xB3eYMvPEj919_nwY_szdkz8j_I8KZmGzbxU7HgxuYjKsRHYVxyNw0fK_4PxJwsQJx3Q6zN1nOflDYJGcqQjclnNPMEiom43znbpDbbce5ouhJxLNnl1CF8XQCl0-2NyBcQfHDRIr8t4_P2DrNcJF99C5JUjxKQp-YNAscGQ-hqZYfq-dNo-x7z9K23Z9wJp1E73bGEp1QAvJxozEhGEwQl2cJ4Ig-Omo75NF8_RplEzTG5SMgoAyogfOWWEY9dppRIE1UmdBw-V0XGazMksbiVblvYt-zOyQYQIFy7aiOJP6yICTmOpTMifAZQ5HtNRn76Lw1ZqGUe18FEHqF_svQUqCU_Xdskl_LSCg753E_D26yLifClNT3VoyObJLtGuEHmja-bg3zZM_-HA7QphTGbxKL1hlnZr9Y467kFVY6HYWxXsV_sPW3j55r-Kys1a70Jpaa68rJ27I_YLutjbip-zIQD5PP9Y-b_yN9GAilU4Id96YJioyBaPOLa3xFz00UGntyQ6IwSujV3DBcm6C3K-Yc7NDLwuwlGC7g4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koooralive.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E986 16 B
232 B 102ms
102ms Fetch
application/json 3.10.60.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.60.133 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-60-133.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Nov 2022 07:53:07 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 150ms
45ms Preflight 3.10.60.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.60.133 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-60-133.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 03 Nov 2022 07:53:07 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENbo6cTLTRIvjeJumidRdwY&google_cver=1&google_push=AZmPxg-NWvxGPP_iIXwBYLRK7uLvASKwta-RCWBhvn6hWDHlzQ95cyTDGcR3CVSSeSnpAwodxwxc2WC66oiDvKdrTTdWYNqOIvDlzQ

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.koooralive.online/	1970-01-20 16:47:01	Name: _ga_EJXCRNLNBP Value: GS1.1.1667461983.1.0.1667461983.0.0.0
.koooralive.online/	1970-01-20 16:47:01	Name: _ga Value: GA1.2.1989482154.1667461983
.koooralive.online/	1970-01-20 07:12:28	Name: _gid Value: GA1.2.1643291256.1667461983
.koooralive.online/	1970-01-20 07:11:02	Name: _gat Value: 1
.koooralive.online/	1970-01-20 16:32:37	Name: __gads Value: ID=19f8966d3abd8255-22891d5065ce000a:T=1667461983:RT=1667461983:S=ALNI_MaSqFwG21xHg39s4dNj_vstKq5utQ
.koooralive.online/	1970-01-20 16:32:37	Name: __gpi Value: UID=00000b7bc8b5c06f:T=1667461983:RT=1667461983:S=ALNI_MahzGvo3Gnq8U1JMLfCABhLzzs9_g
.doubleclick.net/	1970-01-20 16:32:37	Name: IDE Value: AHWqTUmhR-_8PFuHwgxRFKk5HYxm42LfkjLudCrQx76iZHjJkS4jIBAnMOAgymXX9uM
.doubleclick.net/	1970-01-20 07:11:05	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 09:20:37	Name: d Value: EAEBCQG-J4EA
.quantserve.com/	1970-01-20 16:41:16	Name: mc Value: 63637361-58663-aa8f3-57a95
.pubmatic.com/	1970-01-20 07:12:28	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 09:20:37	Name: CMPS Value: 1106
.agkn.com/	1970-01-20 15:56:37	Name: ab Value: 0001%3AAgE%2FkTOa94L%2Bpl15EctPPQakbrXNGeSo
.agkn.com/	1970-01-20 15:56:37	Name: u Value: C\|0CEAq9i_hKvYv4QAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-20 09:20:37	Name: KADUSERCOOKIE Value: B5083D0C-2A34-42EB-9C62-A1DFBF5936C3
.casalemedia.com/	1970-01-20 15:56:37	Name: CMID Value: Y2NzYUTgYVH--WpALPGFnAAA
.casalemedia.com/	1970-01-20 09:20:37	Name: CMTS Value: 1135
.casalemedia.com/	1970-01-20 09:20:37	Name: CMPRO Value: 1124
.awin1.com/	1970-01-20 07:21:06	Name: awpv14098 Value: 412871\|1667461985\|8d05c0c0-5b4c-11ed-bfbc-22342ff4a6f7
.awin1.com/	1970-01-20 07:21:06	Name: awpv11938 Value: 412871\|1667461986\|8d25cbe0-5b4c-11ed-89a3-223851067267
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 07:21:10	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1667461986_8d25cbe0-5b4c-11ed-89a3-223851067267%22%2C%22sp%22%3A%22awin%22%7D

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://koooralive.online/(Line 68) Message: <link rel=preload> must have a valid `as` value
security	warning	URL: https://koooralive.online/ Message: Mixed Content: The page at 'https://koooralive.online/' was loaded over HTTPS, but requested an insecure element 'http://koooralive.online/wp-content/uploads/2022/04/323.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://koooralive.online/ Message: Mixed Content: The page at 'https://koooralive.online/' was loaded over HTTPS, but requested an insecure element 'http://koooralive.online/wp-content/uploads/2022/04/124.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://koooralive.online/ Message: Mixed Content: The page at 'https://koooralive.online/' was loaded over HTTPS, but requested an insecure element 'http://koooralive.online/wp-content/uploads/2022/04/83.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://koooralive.online/ Message: Mixed Content: The page at 'https://koooralive.online/' was loaded over HTTPS, but requested an insecure element 'http://koooralive.online/wp-content/uploads/2022/04/124.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://koooralive.online/ Message: Mixed Content: The page at 'https://koooralive.online/' was loaded over HTTPS, but requested an insecure element 'http://koooralive.online/wp-content/uploads/2022/04/83.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://koooralive.online/ Message: Mixed Content: The page at 'https://koooralive.online/' was loaded over HTTPS, but requested an insecure element 'http://koooralive.online/wp-content/uploads/2022/04/323.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208214437340987&output=html&h=280&slotname=6624613281&adk=3748555641&adf=3025194257&pi=t.ma~as.6624613281&w=1200&fwrn=4&fwrnh=100&lmt=1667461983&rafmt=1&format=1200x280&url=https%3A%2F%2Fkoooralive.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667461983244&bpp=2&bdt=373&idt=287&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2315458891532&frm=20&pv=1&ga_vid=1989482154.1667461983&ga_sid=1667461984&ga_hid=2065069500&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531705%2C44774652%2C44775016%2C31060048&oid=2&pvsid=365543914198539&tmod=687794964&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AZ29ib06SQ&p=https%3A//koooralive.online&dtd=294 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENbo6cTLTRIvjeJumidRdwY&google_cver=1&google_push=AZmPxg-NWvxGPP_iIXwBYLRK7uLvASKwta-RCWBhvn6hWDHlzQ95cyTDGcR3CVSSeSnpAwodxwxc2WC66oiDvKdrTTdWYNqOIvDlzQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-9XrOTFoUSx4BA_gavaLR3A6MycYlIK6zGNmB1padwM42Kb9wlUUfz91f3nPE5_NaW5xquqpxkJFAyZUKqWG-VQ-kHiCd7&google_gid=CAESEKDGb7W6ZTist15-P7xHKaU&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d.agkn.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
koooralive.online
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
13.224.189.102
142.250.74.198
148.251.139.77
172.217.18.98
178.250.2.148
198.47.127.19
2001:4860:4802:32::36
23.205.253.64
2600:1901:0:76b9::
2600:9000:21f3:2000:1e:a43d:b640:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:810
2606:4700:20::681a:910
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2008
2a00:1450:4001:803::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200e
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
3.10.106.59
3.10.60.133
34.98.67.61
35.186.253.211
35.244.174.68
52.28.86.14
69.173.144.138
0099bf3e02cc1ceeb8826f051f6eede672482a60d1f000373b9f6f31c68e2f85
05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b
08f2d31a40425077915dff1cbdffe77c69cac7a3645ad859da9e8b881cf5bd1c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
123fb80211b4b6bc926df0c11f147eca992eb2b1240a48433f4c5fb1666ba70c
17946ddbec28c0238bec09e6518a43e9f3bd5cd4952568f6cabc7ad668032af4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
19caa4923b1af5a163235d893ce44adcf89df166f0ec58ae11d34ccf7545f2b0
1d46a6c67d5d3d5168d4f5a3d6d230b9048cb3d96cf124c60cd6a425b4be144b
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
232a6ac91462da5b10eeab6cd35f3fb33f84f3436184f3cd1f568a7fc0da1152
27f1adc31ab95c6c20398f3d40f4212c1a6f7389009f67b82a2278e4afb03b85
28edb842cc842fc0091521fb6364c79f2b9627d2eb316b02acab2471cd4146f9
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
29df001622b2c11cf6d182393c4a79e14bc3c02f2acb485f85af44c84e6b5276
2a0d50ab44eedde2478ae6561176dcef384608de9d6b838e8a74ad179862040d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea4753c508a2bc6bfa07a7c78f8bd88730aed18049df29c9d84e4c902755cea
2ee8dd1d32238fd137043ab1892335b6859bfb80aec9b3653159d43e1f08c787
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
384880391d5e211c60ed1e6256b946d8b676925edfbfd6e53609a20630a44302
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3a86cdada5e5a31807176f2881b5b196dedbec52d01a47865d9ccbf6f8e33f23
3b4707a6edf4de9440a62d562207fa0128b1826e5f0cff9bb410d5e9106044cd
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
491535f67bae5f72d2a6922ff47df1235af120734be7b45f40ae2d222de0cfbd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5afc97382732099825ad989abe65bc265e483b236429220bf499853156b0c96b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e63d187e6b3583759db65bbc25a011f6c629eb2d0cc6399331bb88a99f461f6
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68913ba2c9f9c5ae6934d892c44ef91935c24bad121cd726516d013165be52a8
69fb18a7dc78ce9e1b9d6d16f4f4207b25df31581d00066e2120cb97d0919ab1
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
6fe0cd5ee73ce7df2bbedc771342299d6e3c1b92082f8bc20cdd3a34c2f86968
71437f1a53b45e0f8980712bad8b191b4d31b52b33905750dfa9e0e41eddc0b0
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
71ed0a52d06726c3a99786ec2c5ec33c9b717a1fd3909ad0962dae6081e45923
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7586a76d6d1bff3cd368fe7017d8c3dfbf8d8420b8a11d23c3165b93b4750301
793ff4ee8f57bcce74beb87eca121096d1ba1698833e77c6cdb3a90742c2636e
7caadad2f49cc41795d81cd27682b76fa6d87e4bf653c15943cfe9cf3a2bd64a
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
84c0f8404bbe42448d93e37810f07bcd941b2f2f44012600c0926fd37941569a
8ca576c1a2552134c66c3bdfbbff559654f0eca9d749d2933397df6b80616852
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907d87cb8a32f6258c16886aa91b2c0b1e2a3fc7b2828a26e29c38a4ae6eca5a
92bf9e5ffb82452aa066ae61d9bb59198187cb8c53c192da78d190b0329d346c
94e993204b6f2bea826b433977da0f253eff2b438da10fe34dc74404bb4a3245
9a39b4c6fc4ecc03be71900984d48ac7934a8bed2380b6d37133f803480cbb30
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a231470177f09c2ef1e66704bc0327312fd4bd6bbad8088dfc1bf9867155fcc2
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a43854baf1d2afb4f9f2dba0b12e47ea2ab3e7c61aac7d4ba99163d1f69c6894
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b44026ef17b791727f06dac327230d8160294c9fcedf2c323342613a0476ca
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7ca8f6af1b7f41e3b9d39d7281be3ee848d8052832e5c5e08b5926c653e24ab
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa1d672be7c09a6d359fdb7bd1998f9f0af7c0b4eca9fdc42d57d314f1dce10c
ada8cef04fab96dcc34caa37f138e5931a57f99bcc9b264275a6c8873cf40ee7
ae603c4afd319583f9d6be914622c1b1889c5b1e16825c8e63f03eeacbb630e5
af86ded17471f1dbbfad46c3a5b3f7f93a868a604d74dd7dbf877282ae216fae
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0907956318d7fdd17b4ecfe956cae0bf7ed767e4c8175e1a530ed41ab36f383
b3bf97212633b65d3c046b35b597531bc4e9a25c44d16d963662fef6011342e0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6c7cc6a51095d368b2db9f77e7ac4c18cdbb03db2ae72920b9fc693a0ffc7d6
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be4995c5f56057788315622ddddb8700b604556edacd85ad46fced9636131d75
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6ae233d4c02af738eed223a94e974fdcb5df4f4b39423234fc3d4501b1f017e
c6d12bc8a2048fcf5483d8aff56ec9125fc4cd1fcd4361c8637374c3ab08207a
c7648272eff5daef40f214bca081a1969f0717cd9aebdeb56721e4ef6ee1b978
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d0358b09b9620d49ace9948c0a3c5f2f71ee026a440d90a60d6436c2db1250b5
d07e0ec0c986bf8e1c7904fed3d2b82c262fb5aa4416d9d0364b46f8cb072c55
d3dbde236420a80552af4e90a8d2b36640053e3d859d60a41986a3cb92458808
d68dd552727cf9933dca0f9a8e3efdcd1b0639ba3fe1cb47eb3b668ecfee39de
d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a
dae7d504533c123afdfc0fdb71accd58f8e85c258be4036e6290efc44805ca42
db5119adac5cd5642fb2cfcb6254fc7d0b603f3c457b5384dbbd1ec04eb47ecc
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1594acd22bc388da0a6607fae8e482b9dbf06e4ca2e49066c6e846fd4f560e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e9a25d93bc5cb1beb6065ea08d7777a993a150a6706d6e62677852de9bb71b2a
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6e049b6c88d5956cf00b54fa93b8c3e0df12425378142f344d680d7087f2379
fae4846db3a83450b46445e76aebebb6b3ae1d1414e7b117c084a920cb03336f
fe9cc714cb7cd7056f8e9135d76f23840c1b543d9352df7dde60cda58af838a2

koooralive.online Open in urlscan Pro 2606:4700:20::681a:910 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

95 %HTTPS

69 %IPv6

30 Domains

49 Subdomains

43 IPs

5 Countries

2683 kBTransfer

5233 kBSize

22 Cookies

2 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

koooralive.online Open in urlscan Pro
2606:4700:20::681a:910 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

95 %
HTTPS

69 %
IPv6

30
Domains

49
Subdomains

43
IPs

5
Countries

2683 kB
Transfer

5233 kB
Size

22
Cookies

186 HTTP transactions
12 data transactions