kooora4lives.net Open in urlscan Pro
2606:4700:20::681a:1cc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kooora4lives.net/home5/
Effective URL:
https://kooora4lives.net/home5/
Submission: On August 15 via manual (August 15th 2022, 4:21:20 pm UTC) from ID — Scanned from DE

Summary HTTP 506 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 64 IPs in 11 countries across 51 domains to perform 506 HTTP transactions. The main IP is 2606:4700:20::681a:1cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora4lives.net.
TLS certificate: Issued by E1 on July 28th 2022. Valid for: 3 months.

This is the only time kooora4lives.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 24	2606:4700:20:... 2606:4700:20::681a:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	23.47.212.127 23.47.212.127	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
17	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
10	2606:4700:20:... 2606:4700:20::681b:4071	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.99.8.28 192.99.8.28	16276 (OVH) (OVH)
1	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
4	185.83.71.66 185.83.71.66	55081 (24SHELLS) (24SHELLS)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 42	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	35.156.35.28 35.156.35.28	16509 (AMAZON-02) (AMAZON-02)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2 12	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
26	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
13 26	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
124	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	23.47.209.72 23.47.209.72	16625 (AKAMAI-AS) (AKAMAI-AS)
12	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	18.202.123.230 18.202.123.230	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
4 4	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1 1	2600:9000:206... 2600:9000:206e:ae00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
4	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2600:9000:214... 2600:9000:214f:200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2600:1f13:800... 2600:1f13:800:7782:22a8:1ef8:27f2:ceae	16509 (AMAZON-02) (AMAZON-02)
1 1	91.210.226.72 91.210.226.72	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	88.80.189.68 88.80.189.68	63949 (LINODE-AP...) (LINODE-AP Linode)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.68 141.95.98.68	16276 (OVH) (OVH)
506	64

24 2606:4700:20::681a:1cc (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

kooora4lives.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kooora4lives.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.47.212.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-127.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681b:4071 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kooora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.28 (Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.83.71.66 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adipololtd-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.35.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-35-28.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.16.194 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

124 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adipololtd-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.202.123.230 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.246 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:ae00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f13:800:7782:22a8:1ef8:27f2:ceae (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.72 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.80.189.68 (London, United Kingdom) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li700-68.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
124	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	2 MB
100	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	672 KB
70	doubleclick.net 13 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 458 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	630 KB
27	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 pixel.rubiconproject.com — Cisco Umbrella Rank: 326	30 KB
24	kooora4lives.net 2 redirects kooora4lives.net www.kooora4lives.net	270 KB
18	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 801 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 538	188 KB
18	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 cdn.adnxs.com — Cisco Umbrella Rank: 1351 ams3-ib.adnxs.com — Cisco Umbrella Rank: 5884 acdn.adnxs.com — Cisco Umbrella Rank: 584	93 KB
11	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	10 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	217 KB
10	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
10	kooora4live.com www.kooora4live.com
10	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1505 m.addthis.com — Cisco Umbrella Rank: 1429 api-public.addthis.com — Cisco Umbrella Rank: 4330	221 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	373 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	7 KB
8	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 194811 adipolo.com — Cisco Umbrella Rank: 122484 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 212837	142 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	117 KB
5	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518 image6.pubmatic.com — Cisco Umbrella Rank: 636	462 B
5	openx.net adipololtd-d.openx.net — Cisco Umbrella Rank: 62612 us-u.openx.net — Cisco Umbrella Rank: 396 rtb.openx.net — Cisco Umbrella Rank: 1516	1 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	4 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 603	2 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 516	2 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	925 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 8117	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	20 KB
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 2757	480 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	56 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 791 r.turn.com — Cisco Umbrella Rank: 2886	869 B
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2979	292 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 39481	1 KB
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605	326 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 921	344 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 792	726 B
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951	356 B
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1237	214 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 679	1 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 652	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17634 s4.histats.com — Cisco Umbrella Rank: 14587	5 KB
2	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 201180	17 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	112 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	623 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	265 B
1	adsafety.net 1 redirects cm.adsafety.net — Cisco Umbrella Rank: 4720	1 KB
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 34143	823 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	10 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 704	473 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3213	104 B
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5312	5 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1674	823 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 442	1 KB
0	netmng.com Failed google2waycm.netmng.com Failed
0	smilewanted.com Failed prebid.smilewanted.com Failed
506	51

	Domain	Requested by
124	s0.2mdn.net	kooora4lives.net s0.2mdn.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
50	pagead2.googlesyndication.com	securepubads.g.doubleclick.net kooora4lives.net tpc.googlesyndication.com b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net cdn.jsdelivr.net www.googletagservices.com
42	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com kooora4lives.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com s0.2mdn.net
26	cm.g.doubleclick.net	13 redirects googleads.g.doubleclick.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
26	fastlane.rubiconproject.com	player.aplhb.adipolo.com
23	kooora4lives.net	1 redirects kooora4lives.net
17	securepubads.g.doubleclick.net	kooora4lives.net securepubads.g.doubleclick.net jscdn.greeter.me b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com www.googletagservices.com
14	googleads.g.doubleclick.net	kooora4lives.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com cdn.jsdelivr.net
12	googleads4.g.doubleclick.net	kooora4lives.net
12	ib.adnxs.com	2 redirects player.aplhb.adipolo.com googleads.g.doubleclick.net acdn.adnxs.com
10	dt.adsafeprotected.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	www.kooora4live.com
9	www.googletagservices.com	jscdn.greeter.me kooora4lives.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com s0.2mdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.google.com	1 redirects tpc.googlesyndication.com kooora4lives.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
6	s7.addthis.com	kooora4lives.net s7.addthis.com
5	fonts.googleapis.com	securepubads.g.doubleclick.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com s0.2mdn.net
4	gum.criteo.com	2 redirects static.criteo.net
4	static.adsafeprotected.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
4	ams3-ib.adnxs.com	cdn.jsdelivr.net b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com cdn.adnxs.com
4	c1.adform.net	4 redirects
4	fw.adsafeprotected.com	2 redirects kooora4lives.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	bidder.criteo.com	player.aplhb.adipolo.com
4	hbopenbid.pubmatic.com	player.aplhb.adipolo.com
4	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
3	mug.criteo.com
3	ups.analytics.yahoo.com	3 redirects
3	www.gstatic.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
3	api-public.addthis.com	s7.addthis.com
2	ad.sxp.smartclip.net	1 redirects googleads.g.doubleclick.net
2	static.criteo.net	player.aplhb.adipolo.com static.criteo.net
2	tr.blismedia.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
2	gcm.ctnsnet.com	2 redirects
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	onetag-sys.com	player.aplhb.adipolo.com
2	prebid-eu.creativecdn.com	player.aplhb.adipolo.com
2	prebid.a-mo.net	player.aplhb.adipolo.com
2	ap.lijit.com	player.aplhb.adipolo.com
2	tlx.3lift.com	player.aplhb.adipolo.com
2	adipololtd-d.openx.net	player.aplhb.adipolo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	jscdn.greeter.me	kooora4lives.net
2	www.googletagmanager.com	kooora4lives.net
1	id5-sync.com	player.aplhb.adipolo.com
1	acdn.adnxs.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
1	match.adsrvr.org	googleads.g.doubleclick.net
1	cm.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	cdn.adnxs.com	cdn.jsdelivr.net
1	cdn.jsdelivr.net	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
1	rtb.openx.net	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
1	r.turn.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	dclk-match.dotomi.com	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
1	static.doubleclick.net	kooora4lives.net
1	player.adtelligent.com	player.aplhb.adipolo.com
1	s4.histats.com	s10.histats.com
1	adipolo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s10.histats.com	kooora4lives.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.kooora4lives.net	1 redirects
0	google2waycm.netmng.com Failed	b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
0	prebid.smilewanted.com Failed	player.aplhb.adipolo.com
506	78

This site contains links to these domains. Also see Links.

Domain
www.reyada-365.com
www.facebook.com
www.youtube.com
www.yalla-shoot-matches.com

Subject Issuer	Validity	Valid
*.kooora4lives.net E1	`2022-07-28` - `2022-10-26`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
greeter.me E1	`2022-07-19` - `2022-10-17`	3 months	crt.sh
histats.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
player.aplhb.adipolo.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
player.adtelligent.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 48 frames:

Primary Page: https://kooora4lives.net/home5/
Frame ID: 296D12B517AD7FA850D538DE1077984F
Requests: 159 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 54B284AE660C21A44905FD295C1A9D33
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 892BC213586206DB97B63FA7DC92C624
Requests: 1 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 45048DD310B5540465CAD450C27A8380
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 990DAA1A75B69AD51E0FC04242C0153E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2CF2D50C522D594546F0921DE0C7CA4E
Requests: 2 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B09F6C730F20D03DB96D9BAE19DED86
Requests: 1 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 593A00DC03350E62783B3F3F3F3DDF70
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 4F9720EEBE5BF725123A81CAF139FFA4
Requests: 15 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FF6E4B60F0719493376612670F29C8D2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: A0BE05BBE6EFB60AA36157C9366E6D6B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWDl9fglKIE4ZsDxgjwWjMcoMWNA74LlZui6N9RACXPWMR_XzFSAIcXfNhbsSatOP-htVHvM1yqbxBKskg5i39ika4dIQ1vEznwJUHVkEowM1e-gnLS5AhT7FF6e--GmT7mUs_F2_QXDhgyUDpiY1YpV6wzjXvfQfF2IafkYDlOWNi_dQc
Frame ID: 8A3D58AB2069659F5A69C321FEAC9ACD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A62ifhnNnb4-4sjkturs9g1cSfH6Abfcd16y0iw1Vmx6X5rPYCImjVYD7k4QH-hkR3vETgWW8jNZrssxx4kert4pDmjfEaU_1jXgCRgY87bWbXFBMJyNKP0JKzk7MICevdIXNqxCJuyINteMXtao3gFD0Ntg&dbm_d=AKAmf-BxeybuL-W3V7yBRdVn8ei8IEG0qYE_kryBCWlHXmIdJe24LMuJoEYtmjbcYogFKGL2rRBp2eEJl7icbSvgxWv3b3WwrSiGHzcH-EII2IayFhEli3p82I7rqCCQPVv7kq8q5Ui6hX2qOP0snP_LaOUy7SRnVLHvPopt98GNzqm0kswQbwUh1Pksv65lL002xUo-CniIG80KUBNaJbTfYQYwXMecpFG1H44627f1oK2y6wqqMReAn_KGS7vhzLrl0umQr_Zo3EF_gwTIjxcMFC18C0v3orFnBlg0XEYlXAnHOdlWSUZZqgK_WFH7jud21grmqlNryrIaJDqPBWXKxc6K5iXv38vmBIOCnmxGXqYHaNAR2RvWAd-85D4Xs1MIr_Xf0K5Zli6P-wXl_0nVPpzBJx0S6DcMpiLDVxounyrMfqvnNbY18iLVWmhzoZj1l-fHaA_119TCvwAHygzmOsoICIvK7dSLACBg6GPmNiF21FUKkLqcjgtonZdfkK-3h1ND4dbGQt7YhR5SquNxkp7Uo3WRlpVftu6ziZlmn3ob6tzRLHqqYicO8YRzd0d6yxB5otlhZEmseR19E3Y31mwsKXhtFFr6YvGgz9w_xDSLOsGBGavp0qsyDa5K2ehpEfbCaEK84TptrZUCZKEEMlLH9092QyHEf9W_KxIc-sUcrU5y9MUzpnx8tLgFZeUYD0dREVJXC_A20Snt81MWgNrk7X-3ZQx-JDBtEuoavOXbVE7wCpbt40ETgXUpjH4PLNN5LmEJNsP6GsJVvoyYHeuoG-ERyfsi1qPuG3hUIzEBuz_sKY_C-nEy3sYe8jsUZg3xyzKIBotwbcoELHBd6b969oh3qWDc8k_IKN0j80sYlJsnWv4eO1ziunz-b21MNF6YsFJOhtyP6_qy0wje-eyWwuKgGxRZ_h28GCQvvB95naieeNUQS1ptlva3PBIV6frd_9nXwTFsxpm3FRy8zcqBB45jJHmmcOEDlIKuPDBn2A2C4LuLHsZoLtlyUid__vAGytr1255Uswt1-wM2gkaZo2AWvofez1CIqGXWd7WzmOvVpB1sdQWOZk3wDl1VhvacVeLgAUd8nP405gM1PZ8A3erFRf6eMSUp_BoLzKZeoSJEeqoAO91Bgi9-blNVusKaAtC8XsdDh0TpOXqnKnzJeGeoe19dF2D_zMLkdJZjhyQfEnOj82K9zzCQg5d2LhaXPcY7Zsdk2jOsq4FvPq8PZPoHEzCOtlUMgoDdhky2EBD2pKP-wVE16JhGkvw9GYxwDy9-RnFlYiQ_qtdezLYhcfaGcO7iRvpnoQHOdpI1Lo2Ng65OebuJWg8kb9t-19Ld2cTk1UABuN8RSnPIp_ksJbs9KVFpa4bJiI7ZXiYgEXc5KXylwIM5HL0qJx9hNggwvYECJYYItoqzZblB6uq3R--8kYkSU27RAWi5kgy0td5MB6-aOqnQzkLwDpLYzuUrqe26QWOJJqTne-r8ym14qA109OFMSUp3a4M3TYeewPbhhoGsEz-qPC0Y8ApmXbStfkDF1jXG9hYU4NRP4D11I8R_wBESXhHrz1dqWvyMOxPmqpLGn7WzePwCPyqJSE9N0l7CHEMAJAcY2UXPG749GnbOf7fSaINmq01L3H_ZN3qvm_9MgnQGJTIa7Udsw7PXB9JrSfxS1mqtTWdwtRORdS2AMz7alVrR2-cgyF3QbC8jTYl4XrMBB6DuWWd6Jvkews0uCz_nFNS51L7VN1RF-KUbeqz8nH-YbA86FZu5DFplUfqYZuG0z-sy2A-yvwsSRVEStrkvMHJvmctxHDdIzARBAwy6lGirBDCfsGMrcM4YulDD-dXUUFUFa1S1fsq7BhlZaIVUuP1MXX50PNuppt2lpOKf9jgAridBF7bVQgxXExQLmpUfRFJ-LqzCTBVcDEiZuxtCpIEHtt5t22V2Gm-1HG7Op_TzsvYR_vc4wWvaj4rNGXET2VeN0V4Sj4AdwoTTFat-aBlNe_X__VhRXdbHeOCr4XP5c2LLBFK4ZLt07Vml93xXZasQ-2p4xb20HL8Vm8kao4sGkWWwfLE6VKfk4spMZ6B2QhlmtjhemRCh1cHuFVm3WOTjQb9hbijG9sZwNku7bRAefiia9Mmvy-LU0SkzPVy6p4OD9fV2Ft8bbokhvFWM9Lv5FJrBgi31t2vz0fBFR7BQsNZndopRQcLE4e5nBGpPUebRkrNc8WM52U7kx6_alV74h6_o6ueNHa67BMPDT13ubLi_R3z2MkohGH8xwvv8Q_fCkwqvhByZxoxxNjL4KqPs547YM3gjPT5JuAzvBJmExeQwdVA5s-Cy9pFFA8ZK_c24-CvvijZW1KeMlLeqjGr3ED5U_HiTEtOTfLoY7726IZoPfHBe1CZ9Qq9lugBCXodQfzBsC1711tnvoKwAVe42KV5CxJxM5WuqTRR6-xugF2P1LdhHZ28zkrYHHmPq3g7uwnEr5XKsGx8yyiqPOYpQ4fUCPUb_X151S21tFq357poC1JQeqSB2XnB73piW1tuSO7cB8gQHWRlVMndi0QsOXs85-dOKcujTgXvM7Q4Mkub3N4f5TRC9sOD4msxYMrtzxOPZ77DXtPzV_2bw5L9teWWyLXvAArJsGqWYPVyJSeEvSKCdBP_vXOttqxcvpiabxAe1X6NaD1lB1zq-0RMNo8T3sTiyruZ7rcpklf0_i9kr8hxMcByzZLIXLjr6KquspfGggKjmAjiWeJsSpHelE6sIAL96UgIAk_c6f9z5DE5lkqBQNmlIvdK7l1FZtW8qZP6msmMEx7Qi5Q0o2ILigrpD7JgREmTZhuMKIRQhnJODZg7f9CDwIY50cgyDMQ-4YUiP01djybDZ9DHbkq-BJwFV78MDtKSDwkyTh-oglYYurGp-APqvSFwhNufqRNkUckdeol0XtDS8GG2B4NIHUymZlG-Hz8CgE0NRkhZOWL608iqp9eZ_s3a3mlHLs6S5rdo7BSrGMQ7Bjx_gbXyECdiRXeR4tY5tZ7htK04BjS9pJJiY7Q7dTFUI8tsrtbx9eTTQMLLbzH7uQkzZX5vw3dhT2P_EIvO6unKNl4GdsnIUgPAo6I4LRDbRWbSl9_pfOeQeiQrzp40ihjZUckPhUf_ih4VrwaNiakgn9iwYuUceSq6bT5Pzcqf6oGTHRKTFLvPwMvF7oUU&cid=CAASJ-RoRI2xraQk8uC7jwel8HAOnTgllNJ945HrZl1rB-1iJWoUjkSxOw&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Frame ID: A71B8608347ADD8F0BF591627D1DAADB
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Frame ID: A8FC7F725B65E721E111EE32E591516D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUbTIwW4RcmGIy1UiK6lbUJCIN1eMKhUo5RCJe1l-_bIP9Lj1tMKmZRQqpl5KFNgYhn3zC7LUKSA9-cDrwDY70qacmluXHrduGYgfZYSsGP-NHpvX9-LCVERwaBM39K4l1kBGLUCEZmEksoj6GFfpCSr02aE6MpmKs98Kx9zCAspdERycA
Frame ID: 74B984C3D3034FDE716AFAD8D9FC81A1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5w1yNnMeeKRLkplUnXgaqPkK8mmXNzERfl0dRky77GxuLsfpTsi43jgOj62AM5FR_y6PBWcKcJfpQvWQNNr5AjKYG5FRQ7XWXvbph1zAy-kA88Q1Ew0vwZc3VtMfKP2E9Mh7X4IlBdxLeFpNE_E6U7tW_8A&dbm_d=AKAmf-D7AiCAK84AKrjd3U2_6QTa_nQJuGu1j0QbnM46DKA4GOEumXugZUplgK6hB-etiqwiZXZsVUGEQQyXjS7lD1dv8dC0zlxUgd5I5cPpuwrVLMvKtA-KaErj6ctf2BhqUQdUuewVfSy7as1E6m33wKOsyqw1nMm-8fReMOVeSECUQOnkF6NzF0bZZ06Fe31p4zUS2mYTnit9d4Ns1kQTRcN6sLB5W-8ez-CK0NSIg8TtvlSn3HIuXhaigy2rfoaqXGOm92DS74leleNpjwrAb1N_YBjCenWvWHmJDM-h0bb_kWyREoXt467uqRpoZ-4bt31XhjmcGzAhB3SQ0d9QoXgNyHCmQRr8i0eRRMCfJ-hN1Kd-jisJkftdNNshr0RKUxIryCaEIxErtkaGnKrm23gLekb6yN5RZ70U6e4e6MvBuEG9L2EydEc0QiC-P-7wBGMHZJ3yGQNYb8G4s25vkhQfvyYn3k1Ux8sg6HK133lFisyJ6ifN1MA71pUP2Y8E5d3mM0rSXe7Da3mjiCI6zhRyQ7FknZpUVDTYC4QDdwE9MCU7A3cgL2eyEegNVkvRraaN_OPkcUUaWIai9PkwhRap3kHdcpMPm0-SGGRA6Djeb2AMxW-glyAABxu7-gaHhrngKG2adbJkWTO4zTQHZe6bfcDTbovD-TDVX2lcVyhKTpK8mp7LioWnLDLhbH3aiE-6k6mmgi4tL7ZisZXeKPtDb4xH4nPhJr_4m-ZozQqQBiiTH-jlgaDhfuRGMgNXhUfbmvAqYV6Tx8LprXfQ7XdJjrc5bF7Fl4BkZmcT7Dn3zLQvqEcvgtMalnmntKh38N-0iExDXz1kaka8m1gfczhaFOPVpVLN6Akglr7q8VJqRd4nJBNlzAUi0KgorOtbRIyVrWlGAs5yU8lLT4QLdYB9YrPZnTbCaGQXKsX-27F4G5780GgwSNtJjsupSb6TlH7gbppJ60GYDiguCvY264h-Lx5EV-R7LbI3XZVVDoGiGVq5wDEuGpCxhvQE1LMPBCMy9jvu5W-3QT224KSwaK-cukVlaJM6GWPkzVS6hNTd-nPmQ_4vh38d8MASJ14OH7jEHnuj_YejJM21CjhwJAFMgC305Mu7S5qtCSqKEgKqI77Bp1B9RYgRXkyESvg7kbKzmbkOi2dYb_lGyG0ic36uKztKG9vIatpcRvBT0R7dmnJMcYMD8n_Ktqooj3jslPu5QkcB3Vi-eFt3HSP1pEZ_Cw06ZCYDjBTFHbRw9mim-3D3YpXDUD0SbGCGd7LZZ1NWPqX3MMtFc55AV3VTRCwg8LCXCkLXvTzbVLGoWHbkiiG_Dg_CIFfHDCQkFyA5FtWTBWzVZPLX-dlolLtlrFiFN3CCe2oLj0FW5NrUeUPfF33tEf8OWkUdjRwtgGp51zssl1yOik5f8a3OC9eGjkPV2OcBvOQef7fDBMnj10x_dpRmMldpR2hcjPqMr5VB_4Qe8iaQ04-LQSWGIU3FwVhtPU7pk3A0WWk8SuBucDDEQnWr_zHgrq1x_970iFOTvtASrd9L2dhWBnr3LBRKbTGGNYC-Yo3C49jESr_gW4fsTP5Lc7cQ4k3fqHpSwjzXi504ACBkNay0kfWRMIdjnAhrkIz8RdQ9Om54Ldj4Rz3cggPMDe8KJ7U3z4Mg9ZaDGGd44d8vxodTwdNOJkHynR_ObWZ_8UT60ofS-eZt8JiswKiFV6PZKHpHHICwojw3fZMzB4-EoS-76scQS8CYX1R-PbB8a8IQBTZn3OnXKx5_NJk0LDFcPjpKvZe0neCbWxJdRUTMuyQgHd1M97JwZaQ1o4gjFiYct_Vk7aHVhBXvv-Cs6EEZLwrlTA818fNqcS14ADjDdBL-wcJG2mq2pH1fV-z5FrlEJC45Bv0ots6oMJ8rVsxt3o1hoNG0U7zJONSjumHaOnR_Tn-hq3pv_eGZAKQMdrrm3_tP1MrE-goeFs__53EiAt_pbKwPMRFvNrb_6Yr6Ob16_FMPnZZ3R2t401Yrsxq7KAgmHN4qNoT-AEYVO-P7U3VMQsu0MqNufgUWbu9vOoxDfZNKg_lEzEZbsTSBKHqpJ5KGPDlGy4R5Sem9CRVacc_cqEcqGRXqEBVisajkRWc6r59o7-vlxBJOF7dYrt7MYDsLwLSmdnj5_2LoiQFUobsLkis3HVskwSy8gmSnzXhkMNDDxxNRkkJd9-7y5IxjiQzb2t8zLIATCYsisZY8-xNAdH-ciuQmFQeK7WpBMeuiKASZ0bhGsLqGxmhfZBRZm2C6B0hdp4kalstfP2HRssQgUFDfBpXAWU6qDRYMF3Ycj4SJfiZbs4qw5fs7daZpsYkS-Neyo5OavE9-bQGLm2StUn5EiFFhB4rhXsZObB_MrWn795CTkLJ-gc5fXVUo2kIz01Q5HxjiRSE5EdTKBRORtWSeWsM3iz2jqiS5s5YKDS4NoVemV1lQoinjOdJCAqQGgjyE1kBLrnr8EEpMteuK1kfXrMQ_JttN7Kc9250T6vurzXNTlFc127iJoycJ_GY9XodYoV53m5v8snDe7INNm5zWekQPTnvRFxR7Ejs00YWwYrj0onfC1Iys8ESN4R35WpcxpXWrHEr1sQxXE6mYrtCoXiW9RgKUM1VwM_qZkocgvtLcEceUtUYV6lSiiAzimyEnvhTGHkWXrZZWpmOY-zG8Sv2dUAY8MzJGvTdG_n1K5ZEwT4dDYeDF4SH-yIpOVSiPbkyydlhPCHsFAl1uRQTrt8hzsAdk7IIAMj6jxHgNHPxJMX49G2ozSCT3EtdzhdXm3s3B4e35S9SZ1uYhy-VmAJ4L6seV6cO_MIan9qxSQRCft8GmkAg5e-gkKbj4lVSNPTHHU-PV_hLTcCumXTjJf9zg7bLYJhXiB7S4GRWwUtO19izvFNyJ6buQmwB2k4KM2V1uzvzwjPuifcCw513gClnIXkN6Iaad8OBh6MnHyxd2acZauKA585Mr6OA_9rPyTXcSgtSVKvGahTdC20RpwMEE1yB_CUDeo68KPbR5cGjHuqN-rkxwpMRkp3JXIkclCwEUuOuAqDkKWm4luVeiJi6XTZrgwHHw8dCA7jrLJ3kTgr-FBgrgzZrMQpE34qvv2jz71CH7zXnxYtQ8Zn1yifreP7mYdt9pfaB2YZaZQj4ZCAhbc_VgKaz-bPcoTnkNhtLfHyr-Ydb3X3FZcsp6U6mSuj2Do38LitrTgOTk5siFzyAk9FdWFAzIvZvcQ-VIKcQbAAF8BkJdSU3_UKny-gtUqJineG5CPWLCy1fc4uiPrCyy6hAwtMPbfnl5A4kGSBYlBSHk2L8QHYo6-9EPOyUl_aGa59OPqnX5CxZrCa0utOqb8R2zEQ&cid=CAASJ-Ro0-4_8PPqieqUB1qBkJF_cPJ77tUg3Jz7Y-7WInSNLkeKx64eLA&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Frame ID: EED94C5555CC9FC92CFC6E17173DBDE5
Requests: 12 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 22A7F5BA452D32070FD78209A72C36B9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 33F4329C832FD93D952C18E6B2716C43
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjD65C_ATAB&v=APEucNVSdHIIE1OdiHrRibWMr8Xm1btMp_LiFqmWhxE07k4wCr683wjQrH3QNaTTPzzV41v0uw95IvPSdvMX-HaQ_EFPnIpnxxNgvBsfEeNklU_WaAgHPqwTbuaX5a5q0ev-sOREgoeGNQ97iCthBZNtkuBXL0ufe_WeSL5VyqCvuq_uoQPtVFA
Frame ID: 72F1BD367F64AD60F861B15AACA8B7EF
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Frame ID: B1E69B3C45D9D9BAE8ECAD95F5146F2E
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CB736B30BA2888305165075879A38C5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E554C1E2EB940BE1C9EAB3465D6FAFBD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
Frame ID: 0304D029A5D3F66D45ACAED4040A6892
Requests: 39 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247
Frame ID: A4DEAD7FCA977C0F1B9287D418871659
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8DE9F7C4CB895AAB3AC89B082E80D0B1
Requests: 3 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDAC636CAB919EB1D7A422FE8D95F903
Requests: 22 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27803B6BA23A76B4E5DE21520B4873C8
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: 7CA8A5FC7688D440C7B12B692F2B6E22
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: 35301CAF1AD6A0D391AB240ADD5F9555
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXBBYmmz9zetp7FunMyiFhUc1WqLFlVB7frm8Lc38QinRCut7ocunIM8PwXXss9-PmtKdQDuq4uu6Ls7wPgzhh8PE5tCcZt8YTWBQrKU0grfX4-c1yrTOk5NL8eebfN5dfE7OAZDOzJhJDYqHk-gI8pHkTnE-weOWR3HoMCo63rSqpLSBc
Frame ID: 2C9FE7E95EDF9495623A1822A259D601
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNWxm_rKTSXDNn3I-O8zCkX9YxqsBBIIR3hnPVFyyjP-llTCpMPfl4FJIRzw2f-xYFLUndOD4VaQDykh_jahEFY6QWSQyspxFE2u9MTZycl3XhorGgQKzwKmdIMIYq_pciFd1tZIsU0TSW-vE7IlfXRpeFgwtr-WgZ0JdrX2MKHIucQTyBM
Frame ID: CA9AC0431FEBF917D0269ECA9D392371
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
Frame ID: 6A04F40BC27F0C7DB2084EC707A2666B
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 652CC1D3E9771115B2AAB48A5387C245
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 676335F8CFB45F83E7ADE070EDA45827
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
Frame ID: AAD15F36FC0A6080F0B18EB5F99E1B5C
Requests: 23 HTTP requests in this frame

Frame: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 78823D967CB6276749C35F4D4FB5A045
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FF95C4AF46E1FE8E12A0AD2BF5021B41
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 79508C811AF1A7A06EA5CB5D5D0E3CE9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiaw_fOATAB&v=APEucNX4dhCESK7F_BUKgdcZFRnrq9BLHkFOrQBBy1E_H7uc57eLnokOfE_yGeUXguAtKLS18RiJ5SWbUQxaEq8lIulSJeynKAAMeLObJRndj8fE6N-7ZElyGiYhVvazXZJp0adSLfRJMrW7ew74WxP7_3FeQ6EQgT5LjFnT1-dZX8HPX3haNqul67V8eVszswe3yQ4B1eQzZUtehkS3OqfpvbRDEYkK4NlUl0Ym8u1j8upRn8sk2ks
Frame ID: 100A11E0BD38A41F028508060654E7EA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGFIh0ya8Evi9dLSraPAsm2JPaJzj_ncQkU0i-HWLBqh0k4QI-QNjuIvs4SxAq6BjB-bXJyHKfj8SHzn-D_NhugNpxeAnQVmo0J2f6TnlS92tunsFRB7QpmaJQaaCRnLdOdZz-s8jAtDyNC2VaBIagUC6wyg&dbm_d=AKAmf-BS1Rs0hph92U4BbfrXY74xpAM9uetLLY3JB9SkK5gq8wsE_Tk4e_eKRfNULd9bIGAY9XF_I3o_2tbt8pz_sR1IudcMvD1wKHS3v7bicEQdmQppNM99HoNktX-LjJ0Oa_j7GluZXjlfgB4t46mVQX5ncmGr5k8pZjYaXMwZMgXHeP24kxEDAJEjXxoEVYr3pNrzz9wYO8hQJNSR6sPecXycM_tUnAoNRav90lAPUMpEsP1iclU0Zqwr2az55DLpC6Tc3kKl3Asr7BoXaWKqOxVhngq7sglT4SQ46Cn0pyytuzkQw5athK2j1AH31oKXM9VzMcsvLrOCkAixsy56bmuT5rVoUwNZdjVWAtJduYndc7bupOu8gB3TET8TAQuU6VtVOcV6huqLn05jFb_jwTdQV4TeyVFXB9qQJxAcDfY_kb9xOic9w1a3JgjQgy0uqQNlN5KNTVlbuDnpl390_X3EUOpz9IP2YkDecuN4qVl-jJFdMYcLfRk7HbwyveZsSnDDLCjRoS61qqwMhZ3HSAFT6b5Li6LuEaZxiCk3xjHEy43CN830-GoPGYEe5SySTUX2PQO2M7NeXnJB_H_A5lTMJK877Kq-JysN7AYPOX4GK02nt2_hziZUF5tJK9wlAChPwDt-HbCyiQqd2LW3IHrJwADj-Jh4WIbW66pH_YTkvxXxvjxZwKy5a__mKqbuD8VVa0spSWqfPUTdjpsjz0MhAPnlpj_CpYtabkFq2ThvMMhvzxWqC2ayqpGBg8Bgvkbnjmh3jzF-tnIoSfHvBcHVvmzrbtLqqZtNflG171qzT_Gm3BDFvpxSfQbmeeqMF6dAJ7yyVlEwCRTsgSE5sJJla2shc-L8o9XbaKq7fc72L7GgRFuSrs9ZE79geAWFJUO0Y6lAxOPO-Nyc8Q1H6ZS-2MEUVBQAaKosdiLE2OwEXMEs1erMrHE4vAaMmBXFxzF32QdgZLiVmmqhGtkKQW4H8hcV99uAcVfQbroxt-shvwV01zwon02a_ju8V49brMKzzTl1Ww3V2hJW2ZzUeXur89VIUELGa4N1K_sBhZqQhPBfaNw7_Avo_W8OHZW1p9A4sqNU-JtzVG9_xRhhof7n81qke9qn7VmyhmE5dqsyWFU01y_Vj2JjswPAGtRcHTpPWlu9FAOGXiACsWS_xpA_CnSstVULBWfS0uhONuoBnRMafFmAMYqZ7YPSDt-dmj0MqWILA3r5JchR1nvLGLcle_zZGODdt8MygNU-itsXp7EYqdeuOjJeffk6eC4W1qhHadI_3CUoWDnHeN_Rl1tLdV8m3bbXN5OG_cutyF-8MSMxNaSZBkIXzvT1Gep_kVY0WxcVX7sJmVb3hea9-K4w7tUaa9j5nJyldlIEOwruWyxxRioI3xyhhfrfepWiaMMdb156FTf6khT8xv6NFXmMFUgrnOxXn7P3QBf5t-HTb_zFii7RJrxS6sCaRHd-1kW13eytjAA6rlVRzkkipX65kesR1ZZVBjk1dVgzFxXOGANQDBxpd3ICtjQdbXbDMHKNx3jA-k_5LEOrV9CpRfrbgpT6tgh3sUCt_5v3eeYZCa46uieV0nRYuMXXkT1wsyq0chREWKvN0zHpmbyr0j69FVQi7u--MsxCY4kugAdsIcDYx9XfR7NUVqwtPTpP3Zbp-T-SL5eJthU6UyisqEUVfK4ljmZERWRo75faMww9jkZe9Vfnedh3DwSFJgShjsK2V_gBAKWB9vSWgYw2lX-VYB_sg5IQkdPMLjQDFGWh_4zVw-a8w8AtorCi9LUwYNsKEGUeBK03_u6O6UdtRJUxq8Sh8oeR1wTVt9N3cghYgfJN6ac3QqmXZj_emgRaV_CLxU-TKFsz9MNEOE9l3ZzJ5o4K-cERL3IaXn9WyBErDbY0nKvMsPihVav-hzwwsRrIh-hwE3m6v5U_p4qGCQqR1-ZIj9jqWwTv8pEX2rpvPG2TWZJ_W8PBun7EepJrpB-IWvnD3CUrvHTScIHzh0yrlw7Q2o2IU3k3soBuYHIuVqHv7yV3VRh6mq0iWDJ3OuvcBKVgtHDiZh5OwYFeqn6v_UdoyBoxkYcESjmfEWrqHydbcMTPcF0YU5hZwWlXbIxEm8JbtLC7euRYklTZ3vAY2lEMe2fNoS13lZhn-SvTCz2587RD6kYmgNcGaZG8FbY0BcF2JTftJ9gWWUmX-LwPbtJIq_Wam7gKVZzJ50C4wni3eoAY-5ZHmEDg4IUJL7xKfVf9zmbtxYo1EmzImRH0WB53u74eQWCdCs5iLQ0xxhP1K7ogNAeuQdYs_zAivmesKCGSmqO_u2vBggIg97HWz5oXItWS3isdhWSLE3YAJOnaNEdd0fSdkK1mephpbx2HRfydLIrUBNYqYm_Q5wrcKH0Hz4H7td181bwzmjtG_g_jxQiWcSx-wjucs2erMrq_2PWR5sd0j2zF8-WAz0fc-c662k1CeAOTA_CXV1OG9UEKvlpLaLHgHfJkpEkDsls1ldjOOtQ6jZP-0NvzqR0VZ_rKZQIk_yiKXLLdtZG1RxjpLU_0Q65mgUJv4ZaKYVYohIjB5axdnMXmM4oLzSviM5EYoRhMwaftSCvauHzlDUadrzSccuCCRUXyVj94yvQbdg-9MO6h1mGMTSr7dG12znopXvLPTLC2KPwJy-17dTgzheW1XEMcn-xcekT68KuUgzNHkMHZAXiSuamFRRPRYTLFXWb615IFnvd_8roZO-cSTsAiHIYs_zB4J6awb5-Nmgp-vKTpe3NCf353AF2hoV2p_6KedykNgFYkaOc4hqmTyeq3maUlQVh8j6wkrlMepK5L1N5ZeXo1ukVjvAeOqezs3BxJHzeBkBq7l5zmfgigYYdBE5JfpqcRkzF85AJe3Un3TVuRvLfd3zMSIN3RG8o8y8iMd9QKcUtpCVT1MWu9V7dmBTgn8tKJjNJYDQihc1Aaa742PEV1eP67_1K5PusaLng6Vzl8XnTZTL-l20lKyLrm2eLXZ6Sf0IdYYO3SyZtQN0RdPgJ3oiHxl6B4vJ0DZSBAfIle8HTWa99DrW-qCJYhKQZNZ7CmLSmwTanFBZuKGUstBdq7OkYEKQjydAjLgf19B4gKj54m5qRlIgmDVMRcmbMQxqOyDySMFFOeADU-ZNnFIX1oskNrBPAiWAk5MtOh83XgJHdaO6uQXYBV1x1gYl95rxSBfa-2zMKoQv6SbHTR3bJlZGPJ909uR5iE_0AqE1dLPwAzqSkyyXmH1DWhe7PZKTmMWTmqJUidvo9wZeXMG7vLJBuH87Wwf5kWDBAYdFbqBCL1bFkAvH97UqCbD9V6jOSzW3zZvXw8MaIuPRkfhZkyqmeSW7frQOtE3qinRK3MzRaHLfgYWW_spsDTJ59BAe7Q85oWSDnV1CTYg30kW9dUfIxq8BWJfmb4RD-Iex46xLYAuiGYeBOJ9_BUyPZaUyJKUg3CkhzuzhVS&cid=CAASEuRokTCKlM7TDXFSO41uTy9EEQ&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Frame ID: 52D485AD0CA3C53EA6DE085599852A1F
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 97500091928D0D767C70057A44E08E52
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A11EBB563C33CB4A08F3FEB9FB44D915
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: EBE365201CC22B51846CF6E0375471C3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net
Frame ID: FD5EA39B26ADB2E77E8B685169C23B72
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: 7EDE7C06C9989925A7761E4D13413DFE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13701&pub_id=2164617
Frame ID: 9562D290927487D2F2971174FC2A19BA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
Frame ID: D0B80BCF4EEA2F6B5CD49BC0D6BEE588
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6023667A05A2F0A60A4089ABB5697CBF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة 4 لايف | koora4live اهم مباريات اليوم ، اخبار و نتائج المبارياتTwitterWhatsAppFacebookMessengerTelegramAddThisTwitterWhatsAppFacebookMessengerTelegramAddThis

Page URL History Show full URLs

http://kooora4lives.net/home5/ HTTP 301
https://kooora4lives.net/home5/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

506
Requests

91 %
HTTPS

40 %
IPv6

51
Domains

78
Subdomains

64
IPs

11
Countries

4910 kB
Transfer

11640 kB
Size

55
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.reyada-365.com/yalla-kora/
Title: يلا كورة

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kooora4live2/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCiW5olCzHvNKaPTPGhdsj7A

Search URL Search Domain Scan URL

URL: https://www.reyada-365.com/yalla-shoot/
Title: يلا شوت – yalla shoot

Search URL Search Domain Scan URL

URL: https://www.yalla-shoot-matches.com/
Title: يلا شوت

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kooora4lives.net/home5/ HTTP 301
https://kooora4lives.net/home5/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png HTTP 301
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png

Request Chain 178

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

Request Chain 202

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvpyeL8d7SG6SamEocLP1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1

Request Chain 204

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

Request Chain 206

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvpyeL8d7SG6SamEocLP1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1

Request Chain 208

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVxUPwFIwNu8I4VHQh-rJ4&google_cver=1

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJDz9VlmvEYT5qkWxa8PixU&google_cver=1

Request Chain 226

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGsxSJniOP4syJZkVoUolVA&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGsxSJniOP4syJZkVoUolVA&google_cver=1&__user_check__=1&sync_id=4807d8f9-1cb6-11ed-baff-11a3cbba0506

Request Chain 351

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=4806ae0e-1cb6-11ed-8725-143d56a10506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDgwNmFkYWUtMWNiNi0xMWVkLTg3MjUtMTQzZDU2YTEwNTA2

Request Chain 352

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kRUZscWtCRTJ1RjlsUk5NWm5LdTgyUUVSdzYzeDRaQX5B

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINT3iicjoDRpE5Upsgho7M&google_cver=1

Request Chain 389

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMAZ7j1UcQv5OsstBjxyrc8&google_cver=1&google_push=AehlK4CT4AytxBobc72yAMdX4IK5ZNGTxuU5Kgn2fu6SCMQu-Ydvlk0DhxUqj8MhDv4PLAYIj5I24F5oQ-eZ2oBXGjfnW8tfMRtJeulyfZL0zTOo7mK7Yi75LRfNia4vQkAv4Gayo23Wvqo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CT4AytxBobc72yAMdX4IK5ZNGTxuU5Kgn2fu6SCMQu-Ydvlk0DhxUqj8MhDv4PLAYIj5I24F5oQ-eZ2oBXGjfnW8tfMRtJeulyfZL0zTOo7mK7Yi75LRfNia4vQkAv4Gayo23Wvqo&google_hm=YZdkwE7fR1GMOYx4e7P5WWk

Request Chain 391

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRgnkaDmi-VN4lx1k2CeqB8z2LSN3801pYw2TzxhWc84ReidhJ3tc_eNnKVsODqtyfBSG4gk HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRgnkaDmi-VN4lx1k2CeqB8z2LSN3801pYw2TzxhWc84ReidhJ3tc_eNnKVsODqtyfBSG4gk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MjA4NDkxMDE2NDMwNTg2NQ&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRgnkaDmi-VN4lx1k2CeqB8z2LSN3801pYw2TzxhWc84ReidhJ3tc_eNnKVsODqtyfBSG4gk

Request Chain 392

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDMDrWK7YJbPEv5cx7dnC24&google_cver=1&google_push=AehlK4A4PUq7hN4DLgtIx3lUj_x57eVmVucXKmIew-clxcX5os5LpLdTwtRaQsrlARBFC_vzUFc3Vvu5sOEp_0gHwdF7gd8XKCOiyNxgiPP5zecWY0nQkUV13Sj20WJorbE2bHqB12puMwc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A4PUq7hN4DLgtIx3lUj_x57eVmVucXKmIew-clxcX5os5LpLdTwtRaQsrlARBFC_vzUFc3Vvu5sOEp_0gHwdF7gd8XKCOiyNxgiPP5zecWY0nQkUV13Sj20WJorbE2bHqB12puMwc

Request Chain 393

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH1PVZUx0L6gQhCKCobJs5Y&google_cver=1&google_push=AehlK4CPKn_me3FMOFokQGDovjxkeEqpgSw4oDOFIfsveChCQXuJwJEcrBCp97cRqFb_ngJ3nrkTqrE-A4mdacpK5EDA_zAo42n1cJOcyycvVI2uw1UiLZudKDEeLSbvJWUxmDV6WRw_dfX4wg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QMDZfZmZORTJ1SFRnaWt0Y3ZpclY2SC5PZDZoMkh0cX5B&google_push=AehlK4CPKn_me3FMOFokQGDovjxkeEqpgSw4oDOFIfsveChCQXuJwJEcrBCp97cRqFb_ngJ3nrkTqrE-A4mdacpK5EDA_zAo42n1cJOcyycvVI2uw1UiLZudKDEeLSbvJWUxmDV6WRw_dfX4wg

Request Chain 397

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEchqt4S7Ac4wmXXT0nSfgc&google_cver=1&google_push=AehlK4CVexI1tAWMr3NOVbkC6VztvnX_sI7e_mkyx2srnzNhuYTnqpY2NYkG56oyCD08NPUHHApObiOPtmaawslUeGyuA4Xclw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYzNjE2MDgwMzgwNzYyOTI4MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEchqt4S7Ac4wmXXT0nSfgc&google_cver=1

Request Chain 398

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMAZ7j1UcQv5OsstBjxyrc8&google_cver=1&google_push=AehlK4ACnfiRMJzFnsKeMuR5WsjzM3JACzDkqft0OdexYFep3zDMef9xAWCl2tc2tr8sghUfOxkbb8D74-ehMK2f-6KbJaGalg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4ACnfiRMJzFnsKeMuR5WsjzM3JACzDkqft0OdexYFep3zDMef9xAWCl2tc2tr8sghUfOxkbb8D74-ehMK2f-6KbJaGalg&google_hm=W1FrnKDwRcuhaHCkN5J372k

Request Chain 400

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27fblOzO4DAdP-6VOuBPi1W-g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27fblOzO4DAdP-6VOuBPi1W-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNzcwOTY5ODQ1Njc5MzI0OA&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27fblOzO4DAdP-6VOuBPi1W-g

Request Chain 403

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEObJXRCWWmDiShnrkuVl1vA&google_cver=1&google_push=AehlK4DaMJvmeBJ_XZI6Gggfz2ZayBABg8n0UPKpnB-EtiQrpwggo2ajilUN4xkx-V77CkkTLYhCM-yRefnp_T7evDR60dl0TQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZVWVFLVVotMjEtN0xRTQ==&google_push=AehlK4DaMJvmeBJ_XZI6Gggfz2ZayBABg8n0UPKpnB-EtiQrpwggo2ajilUN4xkx-V77CkkTLYhCM-yRefnp_T7evDR60dl0TQ

Request Chain 442

https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_eXL6YuiPFdmm9u8PpI-ygAQ&cbFunctionName=goog_wrapCb_eXL6YuiPFdmm9u8PpI-ygAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ee7166a1-4244-dd23-9113-7d259932b5cc,c:lnrOsa,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-8cmgb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:48171017-1cb6-11ed-9fe8-5686c3531f21,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 444

https://fw.adsafeprotected.com/rfw/st/886862/62195778/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_eXL6Yv2wFdmm9u8PpI-ygAQ&cbFunctionName=goog_wrapCb_eXL6Yv2wFdmm9u8PpI-ygAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:638df6c4-3347-ba60-233c-d1ac2f0f8f4a,c:lnrOsU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-rvnfd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:teB4reG+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:48171048-1cb6-11ed-be3e-fea983410d07,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 462

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJnTjK_KlTrLBkEvOutGKII&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJnTjK_KlTrLBkEvOutGKII&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=1fdbb36f87c9a0bec7dbe8fb42290c19&uid=1fdbb36f87c9a0bec7dbe8fb42290c19&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1

Request Chain 463

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOrMe0IcW0yRmZZ4E32wTUI&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOrMe0IcW0yRmZZ4E32wTUI&google_cver=1&ang_testid=1

Request Chain 485

https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=KoVH8nwzTlVGbjhHaEpRSHNWZ2ZDcTNUNktnVlcxWEw4ZERiemZtV1lNaEVua25uNXdkcDJ2VjB5UHp3aVJwUzh5RDFQczFOWklxUXdXNExHanpTNjZDZTVSVk04Um5rbnlxdGMzdW43QzJyT3U4MUtOZ0tEVjErVWpWZnFSaXU0S0hqQURSQ2xQajBDS1NYS0x5VC9URWRjY0d0OXBmS1N4cG16TnNhdnFsbk5lSUFYdWkxeFUwOHlhY01SbDBNVXRTMDdVWmNUNW45VnBKR2cyZTdQaW9BdUZ3Z05JaDc4M044OEl5a0VGcnMyL2JXZnBsNTJuRmNVbUNKS3NXWC8xYjVCcEFkK05TeDFoRVZDV0JnK1Q1blFYUT09fA&cppv=2

Request Chain 509

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ZO0r4nxzV20yaC81d1FtNXgvY1JNT1orbmZCcVhlbXk2OG9nc1NKYjM4bjVSVDBrbXZvdFFXTFZWbVdMMVJmKys3WmhOdENpN2p6VHdoQTQybmVMN1NXeWdLYTVIOGt3ZmJ2MEJ1TUR6M3pPVWVyZEg0alhDbTNDdDljZERiKzNZYW1UcGoweDgxY3piK0dHM2Fxb1BPc1FVdkxISnVXTE0yam1GdXVuUVl1dHNQaStEaEZFL21WSU1rSWJwRFBnSVZid0d4SnVrQ2dNUUwveGp0WHgxYTRyS1czL3RkOEpWRm5KN2R6RXgzSUlqa20xa3MwMlNqTnp1S0l1am1oOFExK29ldzdqa1VxMHdBNkdxZS9xY0FKNnR5dz09fA&cppv=2

506 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kooora4lives.net/home5/
Redirect Chain

http://kooora4lives.net/home5/
https://kooora4lives.net/home5/

74 KB
17 KB

203ms
120ms

Document
text/html

2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.net/home5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14addb0d62ad36d44f4a35b2302d30ff9368beec6df1ae7e15398b5a25d3b1b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73b342fe2de1906c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 16:21:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgNyWdpgsCPb%2FnzuTyVY%2F1Vx56xt1fZ%2FmrfAUZViWMxc95x8JSiwtBKbLsxSC84y1JpNmyPLCagdJOROfby4DJqR4VjaFX5S1DCJ5aJ9XxXGO3SlLtK%2FS%2BdRjUXPN6tGcB%2Bp%2F8mRpBXwIWzGKiQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie

Redirect headers

CF-RAY: 73b342fd4e5fbbf8-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 15 Aug 2022 16:21:09 GMT
Expires: Mon, 15 Aug 2022 17:21:09 GMT
Location: https://kooora4lives.net/home5/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hY3ytlLIQYO1rxyvBKrawkxz5dN%2BDoslkW%2BRoHOVWROAyfWBua6pheHjleHXMYKLndtPmujgtq2jGzi9wFm%2FS7NvZmEltYkT%2FBL5Yb8K8vxVvOyZ%2FK0OtM9eMU3YnepUn9HLc%2BivtWp0M9CewZ8%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 addthis_wordpress_public.min.css
kooora4lives.net/wp-content/plugins/addthis/frontend/build/ 587 B
706 B 45ms
45ms Stylesheet
text/css 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.net/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=6.0.1
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 302430
pragma: public
last-modified: Tue, 03 May 2022 04:46:56 GMT
server: cloudflare
etag: W/"6270b3c0-24b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1UwAPHlHaSzbPUZltopjpBPzLRDCq4oTlKhZH3fPdzK6S9Cyh80e9zHF0lC6JxGCnXII62T%2BaHGYYB2CCBgxcrceoRuGH3P%2FP9PO110U62aEBaNhB%2FsY0T1NuJwlgz55rulAstAuber1%2BxRzc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 73b342feef2c906c-FRA
expires: Sun, 11 Sep 2022 04:20:39 GMT

GET
H2

200

logo.png
kooora4lives.net/wp-content/themes/AlbaKora4Live/img/
Redirect Chain

https://www.kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png

6 KB
7 KB

52ms
51ms

Image
image/webp

2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H2
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab9eb1b5e0926e9778eadcbb34fa2718370ac32ee5be934f4557ee77e2e8390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421604
cf-polished: origFmt=png, origSize=12374
content-disposition: inline; filename="logo.webp"
content-length: 6460
pragma: public
last-modified: Mon, 21 Dec 2020 21:53:15 GMT
server: cloudflare
etag: "5fe1194b-3056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJxsy9iVcFQiczIHL9FW201r4zxLqhBiNfsN3Qk7fY02EuC3tYRc0pWiZlRfKA8BMsDrk6JxuxytseUO84S5zh7N0jaCsyRBxQPxcNdNnKR8AHc0qVzgNNJVkX1Dvsk8JwnuZ7qRwE31HjRN8QI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 09 Sep 2022 19:14:25 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b342ff7ff1906c-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Mon, 15 Aug 2022 16:21:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMvrXkgBaPARgxeVkJiYD1iP4SLDhM24Y%2FIVTEuqD58ZXdmmxaQJBaNumzUP5uQlIz5QBB18dd865EY%2B6b8JM3I6FX6YAnNyCVaT8v0Stbdb%2F0CCiId1WAv3MfWrIauwPbw%2B7FCLkBg2xQMNxKNZQoa0"}],"group":"cf-nel","max_age":604800}
location: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
cache-control: max-age=3600
cf-ray: 73b342ff0f44906c-FRA
expires: Mon, 15 Aug 2022 17:21:09 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 561ms
74ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 15 Aug 2022 16:21:10 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 rocket-loader.min.js Show response
kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 17:04:07 GMT
server: cloudflare
etag: W/"62f29387-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIM71XvPly46aWL721Q9FXfbuKXeNEVecBzKLOdLc38LI99RiBkALnRNNWH%2F0wZKjogTVPHTIlsIQ5ttkcEh9Qoui09gZgt4oEa6m4rTPtu3CkHwoPR3fBXYUE4ZSnvUT0GDQulKsPviUugIjnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73b342ff0f57906c-FRA
vary: Accept-Encoding
expires: Wed, 17 Aug 2022 16:21:09 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff
kooora4lives.net/wp-content/themes/AlbaKora4Live/fonts/ 56 KB
56 KB 43ms
42ms Font
font/woff 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/fonts/NeoSansArabic.woff
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://kooora4lives.net/home5/
Origin: https://kooora4lives.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:09 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Dec 2020 21:53:15 GMT
server: cloudflare
age: 2962
etag: "5fe1194b-e014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjovGQ0oCh%2FQzuawGIQJRcvb02Bww7uiTddT0WkdxnS4GQmDBwZJU3dDiehGygb1EDoCgNuiwL3GDzZOfLCUUCVP1%2FvCSKN4Hjx9ofijZGbT7oKevdJJDiFcPC8oAiAcU5FPBXJEuDrXfUuhrMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73b342ff4f9c906c-FRA
content-length: 57364

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 130ms
38ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41865
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 lazyload.js Show response
kooora4lives.net/wp-content/themes/AlbaKora4Live/js/ 7 KB
3 KB 46ms
44ms Script
application/javascript 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora4lives.net/wp-content/themes/AlbaKora4Live/js/lazyload.js
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2016701
cf-polished: origSize=7249
cf-bgj: minify
pragma: public
last-modified: Mon, 21 Dec 2020 21:53:15 GMT
server: cloudflare
etag: W/"5fe1194b-1c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdP9EDmLlG7oAAxvj%2Bxog%2FslwTSff4p0zBvdvirZhZqqIn3M%2BhIbVEQLkiwFO9SSiUsHLHLwOSszGzUE5DTkoYSZ%2BltlqehvsoYEghDue0vHZKlotTJNJH%2BKIzDW0r5OMuZvWx9doVqhw3MFuEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 73b343039d7e906c-FRA
expires: Mon, 22 Aug 2022 08:09:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 184ms
100ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6XQ0HCVXZH

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14206674d461ff9debc70712d20abb311839d16d2a8edf4460813d7e4f04399e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72301
x-xss-protection: 0
expires: Mon, 15 Aug 2022 16:21:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 149ms
51ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

49da9ea975537d77c8a0694d2633e11645beeeaacdc75f2947c54dba87ef3075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28788
x-xss-protection: 0
server: sffe
etag: "1304 / 284 of 1000 / last-modified: 1660561528"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Aug 2022 16:21:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 135ms
51ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-150096121-1

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93f68a2037ca60ef00c6fdc65faf32a333264a5f490da174b06b46d32785f906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41918
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:46:15 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 16:21:10 GMT

GET
H/1.1 200
OK kooora4livesdynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 180ms
41ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/kooora4livesdynamic.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a7376fb82a98db2648618531d9102664c07f741d3d25501ffb9d5b7103525777

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:21:10 GMT
Connection: Keep-Alive
Last-Modified: Wed, 01 Jun 2022 14:52:10 GMT
x-amz-request-id: tx0000000000000148d6d47-0062fa7236-5c8c654c-fra1b
etag: "3cada13afcbf112eafe5b390979c2b4b"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1660580470.dop212.fr8.t,1660580470.cds206.fr8.shn,1660580470.dop212.fr8.t,1660580470.cds157.fr8.c
Content-Type: text/javascript
Cache-Control: max-age=3536
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 7966

GET
H/1.1 200
OK kooora4liveshead.js Show response
jscdn.greeter.me/ 8 KB
9 KB 184ms
42ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/kooora4liveshead.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

fd531f9dde4d22dfe6cdebb61d03aaaaca6ccd5ba6b8e09b8f50e9fcfa6b6314

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:21:10 GMT
Connection: Keep-Alive
Last-Modified: Mon, 04 Jul 2022 08:59:54 GMT
x-amz-request-id: tx00000000000001494986f-0062fa70d1-5c85f102-fra1b
etag: "29691e1a700494c3810de424aae1d857"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1660580470.dop224.fr8.t,1660580470.cds166.fr8.shn,1660580470.dop224.fr8.t,1660580470.cds266.fr8.c
Content-Type: text/javascript
Cache-Control: max-age=3179
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 8351

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5c646be341234125/ 2 KB
823 B 99ms
91ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5c646be341234125/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-127.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7897757471988b6dda805254de287e19033514ae748b13569acd29dd275c8d26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: gzip
etag: -377002541--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=9, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 647

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 262ms
239ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62fa7276db554363&bkl=0&bl=1&pdt=311&sid=62fa7276db554363&pub=ra-5c646be341234125&rev=v8.28.8-wp&ln=ar&pc=wpp&cb=0&ab=-&dp=kooora4lives.net&fp=home5%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1660580470324&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-f17c23e72e07ea7b036b43e61b0390e0%22%2C%22page_info%22%3A%7B%22template%22%3A%22pages%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=0&uvs=62fa727635415ed9000&skipb=1&callback=addthis.cbs.jsonp__394143782947604660
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-127.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3265c5548e8e8c2f92597f08cb275c56363b38d42ba7da2066ce3141b41f7de3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:10 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 54B2 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 892B 71 KB
26 KB 61ms
60ms Document
text/html 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Mon, 15 Aug 2022 16:21:10 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.ar.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 200ms
57ms XHR
application/json 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.ar.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-11fd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Mon, 15 Aug 2022 16:21:10 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1925

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 55ms
55ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 15 Aug 2022 16:21:10 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 195.461912c47007775093ae.js Show response
s7.addthis.com/static/ 384 B
538 B 54ms
53ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/195.461912c47007775093ae.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-180"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 15 Aug 2022 16:21:10 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 298

GET
H2 200 159.1c3fceccbc80f2a3615f.js Show response
s7.addthis.com/static/ 564 B
634 B 60ms
59ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-234"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 15 Aug 2022 16:21:10 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 394

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
260 B 93ms
77ms XHR
application/json 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://kooora4lives.net/home5/
last-modified: Mon, 15 Aug 2022 15:00:00 GMT
server: nginx/1.15.8
date: Mon, 15 Aug 2022 16:21:10 GMT
content-type: application/json
access-control-allow-origin: https://kooora4lives.net
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
289 B 284ms
268ms Script
application/json 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&callback=_ate.cbs.rcb_2vc70

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

d11c03c9ffd7a68512f6827266613da2b089d2429c6ec9729de7868650b96c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: kooora4lives.net/home5/
last-modified: Mon, 15 Aug 2022 16:21:10 GMT
server: nginx/1.15.8
date: Mon, 15 Aug 2022 16:21:10 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
289 B 293ms
278ms Script
application/json 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fkooora4lives.net%2Fhome5%2F&callback=_ate.cbs.rcb_8c6x0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

bf12c3361e02190b8ed61414e3c5562b20ca3285b475e049e45620f269e43832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: kooora4lives.net/home5/
last-modified: Mon, 15 Aug 2022 16:21:10 GMT
server: nginx/1.15.8
date: Mon, 15 Aug 2022 16:21:10 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 147ms
39ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:20:00 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 614729571

GET
H2 200 pubads_impl_2022080901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
132 KB 37ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 11:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134589
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Aug 2023 11:20:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 370 B
186 B 148ms
71ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6914756a2773260c86412e094f95cec7ca06be35b44217badc1d1d8bce201257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161
x-xss-protection: 0
expires: Mon, 15 Aug 2022 16:21:10 GMT

GET
H2 403 HellasVerona2018_7_29_15_11.png
www.kooora4live.com/wp-content/uploads/2019/09/ 0
0 142ms
48ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/09/HellasVerona2018_7_29_15_11.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 download-4-3.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 141ms
47ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 download-2.jpg
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 140ms
46ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 download.png
www.kooora4live.com/wp-content/uploads/2019/08/ 0
0 138ms
45ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/08/download.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 1378025755.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 139ms
46ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/1378025755.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 egy_ismaily.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 137ms
44ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/egy_ismaily.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 download-3-5.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 49ms
48ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-3-5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 download-2-6.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 45ms
44ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-2-6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 download-4.jpg
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 76ms
75ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 download-4-2.png
www.kooora4live.com/wp-content/uploads/2019/01/ 0
0 80ms
79ms Image
text/html 2606:4700:20::681b:4071
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:4071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 HAZARD-300x180.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 11 KB
11 KB 58ms
56ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/HAZARD-300x180.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5cdd831bbd25444ecfae13ef4db01e352c956de5463b21db8d2f2039ec4c9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 982
cf-polished: origSize=11519, status=webp_bigger
content-length: 10781
pragma: public
last-modified: Mon, 15 Aug 2022 16:00:57 GMT
server: cloudflare
etag: "62fa6db9-2cff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT3Ed0P0r0V1ccETDhlKbR1zmtDCJ85811x%2BFNExYqF8Xdq7o%2FKD%2BOvZ2daNU9A4Kc7w%2FibUYvbOlK2%2ByYkhelGp%2Bvy2uPKLBvQ4uuOh6i2ggS3AcK62V3LcDG1Qo4TFGtaqrL5q3b5IIO%2Bd19Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 16:04:48 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071af6906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 12 KB
13 KB 53ms
51ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f6f9937e14b476088dcf572745a8072db1eb2c1878c7c58ba8ffd715dcb22de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1830
cf-polished: origSize=13487, status=webp_bigger
content-length: 12682
pragma: public
last-modified: Mon, 15 Aug 2022 15:49:11 GMT
server: cloudflare
etag: "62fa6af7-34af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMTac1eqQ7dDfJaW5cPn33PK3ciO1DhuCThdqZaLzIVCfxYj%2F47HCHq%2BrxDLkW2yta3%2FY3vU6QWeb268fSA9un0AuKxA0vV%2BYVb49plCEfb5rbkQVvoczwfUhunbsieZDY8i%2FmsIx8Mi82vdOP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 15:50:40 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071af9906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 GettyImages-1368962653-Copy.jpg-300x170.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 8 KB
9 KB 55ms
54ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/GettyImages-1368962653-Copy.jpg-300x170.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f73f8a886438e89bbe9513cc07fe9fbc038b63117ac55c58c6a039fbd02ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10314
cf-polished: origSize=9250, status=webp_bigger
content-length: 8683
pragma: public
last-modified: Mon, 15 Aug 2022 13:14:01 GMT
server: cloudflare
etag: "62fa4699-2422"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBpY7OXLWY2dUA%2BFhsfoigQkTlpUMTUIN6B2yxADtKbOhEVXwDpgeX%2B59irlkWXYKfpYN4AyTM%2BZytLGzt7hSK3KmPexWVcL7haTPBzNMSAU990kSM5xEv3s5k3Tpxc%2By%2FPk7w772ZCeDtzlyRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:29:16 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071b01906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 124-121752-manchester-united-cristiano-ronaldo-loan_700x400-300x171.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 8 KB
9 KB 51ms
49ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/124-121752-manchester-united-cristiano-ronaldo-loan_700x400-300x171.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6d0a19bf5829c1066cfa6fd7b49f731bf2ef2e2782c7e5a4310f4613d950ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11457
cf-polished: origSize=9150, status=webp_bigger
content-length: 8684
pragma: public
last-modified: Mon, 15 Aug 2022 13:08:38 GMT
server: cloudflare
etag: "62fa4556-23be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXuxQgJjY%2FcdNavdOGI1hzfiWxkWykiY45Z7AMEMROsinOqilmpKt7RFeAErwuM96fDsPENFOrEwV9v%2Fv0G358XsPHjSD%2FPLrM79K1snZcUGeWofKYjAn1QK8czfE89fchu959KT%2BrvJUJFQ9vI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:10:13 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071b02906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 word-image-24-300x200.jpeg
kooora4lives.net/wp-content/uploads/2022/08/ 13 KB
13 KB 52ms
51ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/word-image-24-300x200.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15891f6bdc27b2e7c54f1a6fecba562ea0bfc86f8ea85b63f1f54a420c30264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11797
cf-polished: origSize=13966, status=webp_bigger
content-length: 13062
pragma: public
last-modified: Mon, 15 Aug 2022 13:04:20 GMT
server: cloudflare
etag: "62fa4454-368e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxhTI19Bu2hSdwluwMuYSCge0CLEyFrMTcCy3NS2ZJd3Q%2FeFAMnQzfzpHeR%2FZ7WTwZr%2BPi60axkFAaqX9l5VU3YGnBXvxQ6EAe8AqyJLyf69N2EXiPp08HwCNCrYFI2Dsmaf3%2B3B3MB1ec04BEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:04:33 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071b03906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 10 KB
10 KB 52ms
51ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d3f8b7466479b2c40a3dfdc1a28d38195bdc4c78fff4ae5e69e7546041409e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11898
cf-polished: origSize=10631, status=webp_bigger
content-length: 9986
pragma: public
last-modified: Mon, 15 Aug 2022 12:56:51 GMT
server: cloudflare
etag: "62fa4293-2987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PaRmxDvLXgX%2Bet8H4l2Ylo41p5f8Y3iE75SSGW4YupJVfHuIxRHAKJXiepXSG1owSyf2O7d1AEB%2F9CaqB9oQN1DsiEvq8%2BDPBwbLDYoUZ6%2FcPkTygah%2BC%2FVhJYgiSw62cOaA1lg3lNAqV4Vwpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:02:52 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071b05906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 download-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 10 KB
10 KB 51ms
50ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/download-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d89a2433e7f8f1ad47940635423c18359783fd7d659822733b556e00d2bc558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12600
cf-polished: origSize=10782, status=webp_bigger
content-length: 10200
pragma: public
last-modified: Mon, 15 Aug 2022 12:47:41 GMT
server: cloudflare
etag: "62fa406d-2a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byCQw4khSFpzQQlJ6Ltm27U%2F%2Fz%2Fe%2FkyyyX44ris5XZ%2BH3jfY7J3lgfzcfbSwk%2FDcHgFqH5BJ2XDS5zXHz%2B4tdiV9OtRZOVZGukERZBC7if1BkeXhfDsVM1jkjEh%2BF6Q9YD28XGVxfyv4ZLJvOlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 12:51:10 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071b06906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 19_2022-637919432090865349-86-300x203.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 15 KB
15 KB 53ms
52ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/19_2022-637919432090865349-86-300x203.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86ba14a7f07211d538234cbed845fa7ab540607704f5b54218748554c036898e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85964
cf-polished: origSize=16256, status=webp_bigger
content-length: 14977
pragma: public
last-modified: Sun, 14 Aug 2022 16:28:08 GMT
server: cloudflare
etag: "62f92298-3f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2DRryqM4HIe3HUVx6GwPq4HXNlIdnagm588WyP9mqU2F5Aj9L4%2Fgf6FTA5ask3wlgL0mX0%2FPHi%2FpW3NMt1xMyECH96tywp0c4qrvAgrrI%2FDawzZmTzi9NRnjIPYdv9O5XjKI2q%2BMH9QWSwKrGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 13 Sep 2022 16:28:26 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343071b07906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
37ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150096121-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4513
date: Mon, 15 Aug 2022 15:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 17:05:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 128ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6XQ0HCVXZH&gtm=2oe880&_p=568714051&cid=1083353256.1660580471&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660580470&sct=1&seg=0&dl=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6XQ0HCVXZH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hb_561849_14381.js Show response
player.aplhb.adipolo.com/prebidlink/461272/ 343 KB
105 KB 159ms
41ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4bf927bfe5c37fee626b3bcc1595b82a10859d654d2e6f3b0315c75bdea5575e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 15:34:42 GMT
server: nginx
etag: W/"62fa6792-55baa"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Mon, 15 Aug 2022 17:21:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 65ms
64ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

49da9ea975537d77c8a0694d2633e11645beeeaacdc75f2947c54dba87ef3075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28788
x-xss-protection: 0
server: sffe
etag: "1304 / 959 of 1000 / last-modified: 1660561528"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Aug 2022 16:21:10 GMT

GET
H2 200 wrapper_hb_561849_14381.js Show response
player.aplhb.adipolo.com/prebidlink/461272/ 790 B
735 B 180ms
146ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/461272/wrapper_hb_561849_14381.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: fb44b647fb1b4d0669c228bd44b21eba0120a5c6d360fe2a6d81875875918814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 15:34:42 GMT
server: nginx
etag: W/"62fa6792-316"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Mon, 15 Aug 2022 17:21:11 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 143ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aefcd2e6828b237e666c9d5cd1779e534b5e1ce9136e0ebb6ee398aa210e891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28688
x-xss-protection: 0
server: sffe
etag: "1304 / 329 of 1000 / last-modified: 1660561589"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Aug 2022 16:21:11 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 149ms
46ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10821305
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7068
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
server: cloudflare
etag: "5ed61610-1b9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3gfTt%2BwozJUSnsfNL%2B%2BCOu3tOHRp6qeTLyNbvnFfLwKSADnII0LqdkRoLa7aHQ1mQEeUMDS2CyNQobRsBlBOltRd0KXCmxZmTXhFs3to74x6%2FVHl6ESqTMeXk4TcYT4Dx5%2Bp%2Bf1jJOGkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73b34308ad589bac-FRA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/124-121752-manchester-united-cristiano-ronaldo-loan_700x400-300x171.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6d0a19bf5829c1066cfa6fd7b49f731bf2ef2e2782c7e5a4310f4613d950ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11457
cf-polished: origSize=9150, status=webp_bigger
content-length: 8684
pragma: public
last-modified: Mon, 15 Aug 2022 13:08:38 GMT
server: cloudflare
etag: "62fa4556-23be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJzHKAPIU3aKdfIWoDUPQpJdP9koNx%2BccLHTiemghAVZ67CrHZ2Fsl3TwxOkeZRTiZNJASVgydS5G%2FGGaqSwJcnyACD6%2FabhSKXWjj8P%2BQOmJ6k4diJXcnlLnaAtb9YAvm6t2vWOc28QuGV%2FcVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:10:13 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b82906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 download-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 10 KB
10 KB 47ms
44ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/download-300x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d89a2433e7f8f1ad47940635423c18359783fd7d659822733b556e00d2bc558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12600
cf-polished: origSize=10782, status=webp_bigger
content-length: 10200
pragma: public
last-modified: Mon, 15 Aug 2022 12:47:41 GMT
server: cloudflare
etag: "62fa406d-2a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LITUPpy76Xl%2FB595trjde%2FR8yqpPTNo4iE4WwszJWONe%2F5kIKmAnTlm0R8Vd62Shp%2BAP1joRwOG4at6SrVrp3mesoR7BYRR2FVucu5K%2BbaFC6kgZqlUoP2CUmEZBfXW4m%2Fa9qZ7V0EEPZmPExw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 12:51:10 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b87906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 word-image-24-300x200.jpeg
kooora4lives.net/wp-content/uploads/2022/08/ 13 KB
13 KB 46ms
43ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/word-image-24-300x200.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15891f6bdc27b2e7c54f1a6fecba562ea0bfc86f8ea85b63f1f54a420c30264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11797
cf-polished: origSize=13966, status=webp_bigger
content-length: 13062
pragma: public
last-modified: Mon, 15 Aug 2022 13:04:20 GMT
server: cloudflare
etag: "62fa4454-368e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNN3KOfw4waVWLXusx9w5zc1NYD7IMSBzU%2FENVf4X2d16t24RHF6YZrpjN9Db96B8LCJ96E2TTF1%2FsMBPIY3B1c%2FE%2BchZJUooweGnghcuM153sebMUsKM5A%2F4fNw5GlYI4dbGKkx4P3TfPMk8pM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:04:33 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b88906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 10 KB
10 KB 45ms
43ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d3f8b7466479b2c40a3dfdc1a28d38195bdc4c78fff4ae5e69e7546041409e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11898
cf-polished: origSize=10631, status=webp_bigger
content-length: 9986
pragma: public
last-modified: Mon, 15 Aug 2022 12:56:51 GMT
server: cloudflare
etag: "62fa4293-2987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZO8VHd6If5eObvM3DM5eS98XUSTou2FrRe5xzuMDR97yrUssKGUdvtCPHu3druw72rT%2B0tdgbWNSIjYYWHMTvGsv56hDSEI4EKPKz%2FXnnU08mjQ2gWooglbrgW8jZ9BOkicWQg0IqU2NGX%2B59E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:02:52 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b89906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 12 KB
13 KB 47ms
45ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f6f9937e14b476088dcf572745a8072db1eb2c1878c7c58ba8ffd715dcb22de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1830
cf-polished: origSize=13487, status=webp_bigger
content-length: 12682
pragma: public
last-modified: Mon, 15 Aug 2022 15:49:11 GMT
server: cloudflare
etag: "62fa6af7-34af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceYip0DaIoZcyFGpczBXXV%2FO9%2B%2BVJRHAtmjCWAKJ99HVlkCISYVMBYjt5Lp2YNd1aDzeELI%2BER2h5nvla04C%2FA37IJIPTILh4qdNhvHbVM8JVFwQBq9D%2Fq4%2B%2FISoMuMXsvZeQLHWTJvU1M%2FUX70%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 15:50:40 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b8a906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 19_2022-637919432090865349-86-300x203.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 15 KB
15 KB 49ms
47ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/19_2022-637919432090865349-86-300x203.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86ba14a7f07211d538234cbed845fa7ab540607704f5b54218748554c036898e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85964
cf-polished: origSize=16256, status=webp_bigger
content-length: 14977
pragma: public
last-modified: Sun, 14 Aug 2022 16:28:08 GMT
server: cloudflare
etag: "62f92298-3f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeOZv3IKIhOznv6qwT2i0mx4zLvymyM7ymm3dB6ZC%2FEKUZkfBgUOMsE8yB4x2JjAo28V9SDrtoLyWyT5lP9RXgBLzUSbM2rrSTwwv4EKa7mpYHGGD5Y8Zaecp5BQ1OIntIsQUBHuSjbXZIZOE6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 13 Sep 2022 16:28:26 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b8b906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 GettyImages-1368962653-Copy.jpg-300x170.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 8 KB
9 KB 49ms
47ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/GettyImages-1368962653-Copy.jpg-300x170.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f73f8a886438e89bbe9513cc07fe9fbc038b63117ac55c58c6a039fbd02ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10314
cf-polished: origSize=9250, status=webp_bigger
content-length: 8683
pragma: public
last-modified: Mon, 15 Aug 2022 13:14:01 GMT
server: cloudflare
etag: "62fa4699-2422"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdB27USfu32UwDRGVQ8ukr9ovsN8UiJZcDA4ryJoiAN4aHWn5HZ6xoax2E7oo6wJTOuc%2FG0IIzc%2BIGJN90Kktv%2BUVJixHubu1xi2l8%2Ft8%2FPIqgERZro0Y6ulyNSz%2B0h7VY4b8xWDiyBE4jqEJYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 13:29:16 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b8c906c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 HAZARD-300x180.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 11 KB
11 KB 50ms
48ms Image
image/jpeg 2606:4700:20::681a:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora4lives.net/wp-content/uploads/2022/08/HAZARD-300x180.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5cdd831bbd25444ecfae13ef4db01e352c956de5463b21db8d2f2039ec4c9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/home5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 982
cf-polished: origSize=11519, status=webp_bigger
content-length: 10781
pragma: public
last-modified: Mon, 15 Aug 2022 16:00:57 GMT
server: cloudflare
etag: "62fa6db9-2cff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkDXg1d7vgiOHq3Ckfen2mHSy6wgt3NRdg3dxrAnTdIBMJHaUOEsWNZwHWa%2BfGn%2FfCFeR4VipdJuApqjXzO30KrZisYy4Ffvmze3zsaY5%2B8D9kuo024DwKTDTIBp1k2xA0qDCSFk7FbLwWDVR3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 14 Sep 2022 16:04:48 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 73b343078b8e906c-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 454ms
122ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4625840&@f16&@g1&@h1&@i1&@j1660580471001&@k0&@l1&@m%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:63843160&@b3:1660580471&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkooora4lives.net%2Fhome5%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: 4f93579e5eb01d2b804b5f5553765f02b53656009ea43f244caa44e471a99de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:21:11 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 121ms
46ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=568714051&t=pageview&_s=1&dl=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&ul=en-us&de=UTF-8&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1403958614&gjid=2125075251&cid=1083353256.1660580471&tid=UA-150096121-1&_gid=868592108.1660580471&_r=1&gtm=2ou880&z=129569617

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbw_master_561849_14381.js Show response
player.aplhb.adipolo.com/prebidlink/x461272/ 87 KB
28 KB 45ms
45ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/wrapper_hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 51ec9422eecc62d3a9be404ca2035d02c21a378e7790c24e5be14f22b5660ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 15:34:42 GMT
server: nginx
etag: W/"62fa6792-15b67"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Mon, 15 Aug 2022 17:21:11 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 136ms
44ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 29b763c86cde423f25cb897c794bc469c2c475bdf5bb4211896e6e0f47c097fe

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 00:02:13 GMT
server: nginx
etag: W/"62f98d05-2ac7"
content-type: application/json
access-control-allow-origin: https://kooora4lives.net
expires: Wed, 17 Aug 2022 16:21:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 132 B
404 B 531ms
48ms XHR
application/json 185.83.71.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.66 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 51557187f182031eff1383ca23dacefdd112af29f7266fb4531b8a60a5c18b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:21:11 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 132

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
435 B 532ms
49ms XHR
image/gif 185.83.71.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=561849&site_id=14381&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&adid=uyqk06.44&features=81952&vpbv=N077&tte=362&lifecycle_tte=2008
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.66 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:21:11 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
52ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
45ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
12 KB 451ms
450ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=2651156279446101&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=2911869608&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580471296&lmt=1660580471&dlt=1660580469565&idt=1420&adxs=315&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d8966ecf45fde9fc2d5f3bdd89665b074a72f379ed58b681031e8d4a1be93b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12428
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
12 KB 571ms
570ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=3115216484567675&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_970x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=2&adks=3293583545&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580471302&lmt=1660580471&dlt=1660580469565&idt=1420&adxs=315&adys=158&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=4&ohw=1100&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0fc1d0d947eb9bc565d93c1af9f97dc6274156325cd89079953d796c527c6fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12735
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 713ms
712ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=2793756892673406&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_responsive_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C728x90&fluid=height&ifi=3&adks=2225463183&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580471305&lmt=1660580471&dlt=1660580469565&idt=1420&adxs=650&adys=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=4&ohw=1100&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f1e99c2f32b6a9fafc6fa838e1d7fc4f20a1074912dc4d4544705d404918520f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 358ms
357ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=1747373245148467&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_336x280_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=4&adks=3416689057&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580471308&lmt=1660580471&dlt=1660580469565&idt=1420&adxs=632&adys=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x66&msz=1100x0&fws=0&ohw=0&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

686c3664eb15e47a122b080780766e1d1cbdaf04c3454f06fef24ad5d39d287a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8447
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
30 KB 423ms
422ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=4109692112525090&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=2406971207&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580471310&lmt=1660580471&dlt=1660580469565&idt=1420&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9d2e40c328722f13bdefcc6dbbee3586b26a70a1bc9012fdf6f5d80220ca8589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30983
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 496ms
495ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=2623543795593978&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&adks=4012738480&sfv=1-0-38&ists=1&fas=2&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580471313&lmt=1660580471&dlt=1660580469565&idt=1420&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f02611d82e72fff74268fc1f41e887a5129283d94fa5b0e981c2d6c028e6e906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13137
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 181ms
84ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeb2dfe84f66ddfeedcf1d701a504e31240afc9772e726f3881452c0534fc55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11087
x-xss-protection: 0

GET
H2 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4504 6 KB
4 KB 154ms
45ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022080901.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 37ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

43e08bfd6875e8d464d705bd0801528ce3b2138ddcebf2f2b969c7c7b0326f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 10:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Aug 2023 10:42:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 145ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 990D 13 KB
5 KB 115ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 15:39:49 GMT
expires: Tue, 15 Aug 2023 15:39:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2CF2 783 B
1 KB 133ms
50ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3966b1d5970afb5da5ea892f638c940f89fcf81ce865d611cc5e5b65a7ad725

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FAmjIiHJKivb-fnx6bg1gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-FAmjIiHJKivb-fnx6bg1gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Mon, 15 Aug 2022 16:21:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B09 6 KB
3 KB 125ms
45ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 593A 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame 4F97 220 KB
61 KB 164ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4F97 14 KB
5 KB 229ms
102ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4F97 94 KB
28 KB 236ms
109ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4F97 5 KB
2 KB 251ms
125ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4F97 40 KB
13 KB 253ms
127ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4F97 8 KB
1 KB 205ms
121ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:22:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 16:21:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 16:21:11 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4F97 3 KB
3 KB 43ms
39ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 19:56:11 GMT
x-content-type-options: nosniff
server: cafe
age: 73500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Mon, 15 Aug 2022 19:56:11 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4F97 344 B
368 B 42ms
38ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:51 GMT
x-content-type-options: nosniff
server: cafe
age: 48260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 16 Aug 2022 02:56:51 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4F97 0
0 119ms
116ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbdpRd3L6YuPXFtTLxwLfsoLwDvKM4oZrgbH90f0P-PqyxY8wEAEgvc-GaGCVuvGBkAegAa-ZuJ4DyAEJqQISlsni1x6xPuACAKgDAcgDCqoE8wFP0Nehs2bU6vXGEjQwuKznbajrBdodw0CClqCiwBUo615Ul5p1ZdS47JftsNzJuZVgh_eep_kbz79Ui3aH6Om4ke6f7YqWGCnlGzU5B8zVxdDvJFCRx-tkCSEEKOA4ZJDrgh_cm2EpAml6JGHInPPIxfvw2_FNzhit2wygSrH1OxI8Qs7EJhqhiaCM3z14tVmpd4BMm2NYhtRdM_kR5yTVMe8-FoCPJQraekwYxotKdNdlT_eJzW4YZoEKfyQY3gGe8O-YWR2fE0enhBAz-5-dbuXUXaDrw5JBXdnFrUoNcOLLZ-DvIDnDbQksOONri6NuNEnABJuT4Oj9A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfIkdh5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9I8j0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwKIFAPQFQGAFwGyFx4KHAgAEhRwdWItOTAzNTA4Nzc5MjY5Mjc3NRjgkG0&sigh=_bxrekuxgPM&uach_m=[UACH]&template_id=5000
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14574904898815719446/ Frame 4F97 103 KB
103 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14574904898815719446/downsize_200k_v1

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

324df5d117a1e138320b145ee863862c09b3c359086380979059daa4962f4c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 04:26:02 GMT
x-content-type-options: nosniff
age: 302109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105632
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 23:25:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Aug 2023 04:26:02 GMT

GET
DATA 200
OK truncated
/ Frame 4F97 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4F97 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4F97 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5f24595c561813ac2757937f6fce099963b3674c573170601808a908c221672

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF6E 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 arj Show response
adipololtd-d.openx.net/w/1.0/ 173 B
591 B 236ms
140ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e88e1001-7994-428f-bf45-0ba7cbcd70c0%2Cf6c96f90-ef9e-41cf-89cd-93bf9db42a37%2Cbf5327a6-822b-415a-bb9c-01a0f1fe9286%2C6d99d93a-e18d-482c-9ff6-b2c093e3ec29%2C7b9ea8d9-1a84-4050-bef1-6e7c7cba4690%2Cce304a22-23d6-4140-a8aa-86badba8796d%2C3dc1901d-346f-49a9-92f5-8973c1163a7b%2C55fa1fcb-2202-43e9-aff0-6166ce7c7182%2Cdfee10e2-071a-4b95-9cc6-a5a57d415edb%2C66dd3360-92a4-4f30-b136-6f9d460ac1d2%2C46e4ea4c-766a-4095-8548-7d0f22e126b6%2Cefdddd90-b692-4d6f-a89d-b7db8f72e6a9&nocache=1660580471912&gdpr=0&pubcid=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea&schain=1.0%2C1!adipolo.com%2C620a5acab6e80f22ac327b74%2C1%2C%2C%2C&aus=300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C728x90%2C320x50%2C320x100%7C728x90%2C320x50%2C320x100%7C320x50%7C120x600%2C160x600%2C300x600%7C970x90%2C728x90%7C970x250%7C970x250%7C970x250%7C970x90%2C728x90&divids=div-gpt-ad-8176806-1%2Cdiv-gpt-ad-8176806-2%2Cdiv-gpt-ad-8176806-3%2Cdiv-gpt-ad-8176806-4%2Cdiv-gpt-ad-8176806-5%2Cnativefluid%2Cdiv-gpt-ad-8176806-6%2Cdiv-gpt-ad-8176806-7%2Cdiv-gpt-ad-8176806-8%2Cdiv-gpt-ad-8176806-9%2Cdiv-gpt-ad-8176806-10%2Cstick&aucs=%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9ca5f6af0bc4826acb3cc28ffeceef3d7eabf791d8e4ab137e4304dcd9306d94

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kooora4lives.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
867 B 128ms
38ms XHR
application/json 35.156.35.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.1-c&referrer=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tmax=2000&gdpr=false

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-35-28.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
x-auction-status: 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 162ms
46ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 15 Aug 2022 16:21:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST /
prebid.smilewanted.com/ 0
0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
522 B 199ms
107ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 617f7bc9ec4bf9735146f5f979ed31d7e7141351dfcfe15773ee903d8529c6aa

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 16:21:12 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
170 B 140ms
47ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Mon, 15 Aug 2022 16:21:11 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://kooora4lives.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 304ms
212ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bcc5ede292556469a700e8ff7a0c0bc9044a587b59f6b621ffb935fb3720b785

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 16:21:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 325f5287-7f99-4fd8-b151-b3817b5dca33
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 251ms
88ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e88e1001-7994-428f-bf45-0ba7cbcd70c0&l_pb_bid_id=165ab5ea665f33a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.39256050058105285
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1a34255f86629248f80619e57c30569ad16f856d01adfd050d0a187a4b060177

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 278ms
115ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=f6c96f90-ef9e-41cf-89cd-93bf9db42a37&l_pb_bid_id=166257cfc6c375c8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.34564914731291907
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0766eb9738336f45c8fb97d62da83ba364fae946a8aa98ae2fc4f29a4f172aaf

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 238ms
76ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=bf5327a6-822b-415a-bb9c-01a0f1fe9286&l_pb_bid_id=1675ce3b5a583516&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9917709538240425
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bea07e81a3b18419a0e7d31385dc6b13660ff3338c2b54e6cc7e966ba2fe6143

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 214ms
51ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=6d99d93a-e18d-482c-9ff6-b2c093e3ec29&l_pb_bid_id=168f772811ddbe81&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.6482039691912083
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 24dfce58e5f6fa3f6cdd2959194f04c08757849ad8b3e3fb21da34d47732c34b

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 207ms
45ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=7b9ea8d9-1a84-4050-bef1-6e7c7cba4690&l_pb_bid_id=169e63cfe9b5b3fa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9511674248707958
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 47f7ecfbd0b9ff7cd8a2de99def60a20b782bf76bcc01bca3f90bc20805ab513

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 230ms
64ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=43&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=ce304a22-23d6-4140-a8aa-86badba8796d&l_pb_bid_id=1709f2c451cc464&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.44887736581096727
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5149cf14b56cb331459f7ba03e27f17ff83fe2261c556879fffbcb3b402410b6

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 258ms
46ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=9&alt_size_ids=8%2C10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=3dc1901d-346f-49a9-92f5-8973c1163a7b&l_pb_bid_id=1715763285ce75ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8317872714283454
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d2fe4385460edc25cb2f1bfc7bb68d75d55f278d7e710c51ae3d575d6d817985

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
1 KB 278ms
61ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=55fa1fcb-2202-43e9-aff0-6166ce7c7182&l_pb_bid_id=1720357ad963149c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.20610780401791917
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 863bffea51b0ceb2e67a6b72fac323e661da7f469575a7d05d6f54a69f5bca5f

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 327
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 304ms
70ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dfee10e2-071a-4b95-9cc6-a5a57d415edb&l_pb_bid_id=173a7a065e729946&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8119207843720049
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c0267de76da298376bb94a9eb92787cbcdc8cada5bba2f6a674865c048dcb664

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 314ms
63ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=66dd3360-92a4-4f30-b136-6f9d460ac1d2&l_pb_bid_id=174e538b0839e554&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.39370281985743794
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5b083d13587c8ebdcdc1bc4d1d65245e163842aa0e3181a882356fe58d17ebd2

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 297ms
45ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=46e4ea4c-766a-4095-8548-7d0f22e126b6&l_pb_bid_id=17539f346f6d765c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5001961193614806
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ad4bfd0ec0ccf3d84a1135268590fb0fd72818b8f275a0e65806a908752ed2bc

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
1 KB 300ms
43ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=efdddd90-b692-4d6f-a89d-b7db8f72e6a9&l_pb_bid_id=176401c6f39afee4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.09533345542667471
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 814d433afa1683240da7e318ddafa6c174cbd622008b30a14c415610132135af

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 327
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 245ms
148ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 15 Aug 2022 16:21:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 394ms
302ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f14ace961895fa01e585a7d6bbff3123b88e1ead42db3309f59f3177bcd60525

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 16:21:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f1d2a649-80da-44fa-ad20-a094da5ad640
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 377ms
101ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e88e1001-7994-428f-bf45-0ba7cbcd70c0&l_pb_bid_id=2283efb43cba984a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.6661627529592236
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 65b04581fbcaa9e2ae81c50412a5c1e976dfaf25cee2aabd4308543c83298db0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 344ms
68ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=f6c96f90-ef9e-41cf-89cd-93bf9db42a37&l_pb_bid_id=229c803a7b3f7869&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.1495830512816092
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8cb09d6bbf1f871a0e4adffb6f76b310c218520f050efd5755b89541e3f00609

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 355ms
63ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=bf5327a6-822b-415a-bb9c-01a0f1fe9286&l_pb_bid_id=230589ca75cc870d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.657780068298446
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7b49d8b0e54e56f9ecf39b90899c8338b9d7dfd0f733e605c71883c0fa51943c

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 332 B
1 KB 337ms
42ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=6d99d93a-e18d-482c-9ff6-b2c093e3ec29&l_pb_bid_id=231faf2cad4db04c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.2040835293332972
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 10e5c71afbbf5c0af544c26e4404839707208e0f679b2864f05fc54d1a2a9770

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 332
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 332 B
1 KB 342ms
44ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=7b9ea8d9-1a84-4050-bef1-6e7c7cba4690&l_pb_bid_id=2327d94ffbff5867&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5250616195565467
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f2a16274be59ad657643733f729148c16540f8dba5ee270eb94f5d25461c9f6c

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 332
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 392ms
85ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=43&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=ce304a22-23d6-4140-a8aa-86badba8796d&l_pb_bid_id=2335f2b59b09a5ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8755082275997019
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3f2aba76e87ef0315c68aecd6ba66181c03ac66d6162bb3f8e8c7f89a9067b59

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 383ms
45ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=9&alt_size_ids=8%2C10&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=3dc1901d-346f-49a9-92f5-8973c1163a7b&l_pb_bid_id=234d10ba1e7682d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.035207323395904044
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c134b16c1c37ace3b769503c1218e65d7aa7d552c5d7c9cb62682415b4e276bf

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 414ms
72ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=55fa1fcb-2202-43e9-aff0-6166ce7c7182&l_pb_bid_id=235bfbbee6336a22&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9352922468919109
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 28fb7c5cd0defae982abca385225debb15f20197cbe3d741b070f390c9dbd542

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 407ms
63ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dfee10e2-071a-4b95-9cc6-a5a57d415edb&l_pb_bid_id=23658a33e6c268d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.18675241323122038
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 882bcbbe0b6e278d2745e4db1ded65f1fc9a44fd7d98363388108bf93fb88bdc

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 397ms
43ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=66dd3360-92a4-4f30-b136-6f9d460ac1d2&l_pb_bid_id=237a1f2b68dd42a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9136491014011878
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3478d39ef0abd569340ddcdcf8413c2edba55f3767079c93dd150c6c89138e88

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 309 B
1 KB 420ms
43ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=46e4ea4c-766a-4095-8548-7d0f22e126b6&l_pb_bid_id=2384c3a296ad7ba1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.09109208801650426
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 296039b64fe35c1a53b6b25270c3cf34bed0d59f5b13fd5a90ad0ae0038b96e1

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 309
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 462ms
78ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=efdddd90-b692-4d6f-a89d-b7db8f72e6a9&l_pb_bid_id=239f5e4603059124&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8697484881023378
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2f41be0c2cb0c727fe2d07d3b7160f2dd1a52680f1421bf98a7c8738434a55f4

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 162ms
71ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 15 Aug 2022 16:21:12 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
314 B 210ms
78ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=14004563268

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 127ms
38ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://kooora4lives.net
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
9 KB 414ms
327ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4c0118fad2e9d4cedd63ac0d1ab2a94a41e51cfd33b89e02dade3e245758f053

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 16:21:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: af0cbcbb-f6b0-4617-a888-d0d214159286
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 304ms
175ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=31284066169

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 16:21:11 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame A0BE 220 KB
60 KB 132ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame A0BE 14 KB
5 KB 186ms
93ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame A0BE 94 KB
28 KB 190ms
97ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame A0BE 5 KB
2 KB 198ms
104ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame A0BE 40 KB
13 KB 199ms
106ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 16:18:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A0BE 3 KB
674 B 151ms
150ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:19:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 16:21:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A0BE 3 KB
3 KB 37ms
36ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 19:56:11 GMT
x-content-type-options: nosniff
server: cafe
age: 73500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Mon, 15 Aug 2022 19:56:11 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A0BE 344 B
368 B 40ms
40ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:51 GMT
x-content-type-options: nosniff
server: cafe
age: 48260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 16 Aug 2022 02:56:51 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A0BE 0
0 97ms
97ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXTWdd3L6YqvrFsTC1waovqPIDdr2yZdov8ivrL8OzMeapv0IEAEgvc-GaGCVuvGBkAegAbC6odcDyAEGqQJ1aG6AgB2xPuACAKgDAcgDCqoE8wFP0Crut7XgYEt6KZftzYTC_D__grcTmUfFBKQreZD3ldImxy_hiuJvZOrsWIi_QlXVyRSAH5UsfO26deakTgnfpyX3mQ3Mr-Os1a6ZoqpuFGs8xAyelFTdmdROkFSaBcwD2ZTyr7gH2ULRIL5Tc0dEm_ze_0_jgnEn65IeDVcjrO7-oDVHwSMaDXV3NFj9J2eQh_NqTRFqLZaCKzwLZkI2ut7JsUi0e2w27Jxxdtxt1PQYYGk5HZ7LaEj54J7DzdtUR1C4FrdIEDRz8dVYPT3T0Y5QCOhqPF_Uq6ugexUsAsSaKdt3UhgdH3huEsEvrZkNK3jABMmYqargA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEENulMtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMMiBQC0BUBgBcBshceChwIABIUcHViLTkwMzUwODc3OTI2OTI3NzUY4JBt&sigh=vGTEzjGIz9k&uach_m=[UACH]&template_id=493
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8A3D 624 B
733 B 150ms
60ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWDl9fglKIE4ZsDxgjwWjMcoMWNA74LlZui6N9RACXPWMR_XzFSAIcXfNhbsSatOP-htVHvM1yqbxBKskg5i39ika4dIQ1vEznwJUHVkEowM1e-gnLS5AhT7FF6e--GmT7mUs_F2_QXDhgyUDpiY1YpV6wzjXvfQfF2IafkYDlOWNi_dQc

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A71B 99 KB
35 KB 204ms
116ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A62ifhnNnb4-4sjkturs9g1cSfH6Abfcd16y0iw1Vmx6X5rPYCImjVYD7k4QH-hkR3vETgWW8jNZrssxx4kert4pDmjfEaU_1jXgCRgY87bWbXFBMJyNKP0JKzk7MICevdIXNqxCJuyINteMXtao3gFD0Ntg&dbm_d=AKAmf-BxeybuL-W3V7yBRdVn8ei8IEG0qYE_kryBCWlHXmIdJe24LMuJoEYtmjbcYogFKGL2rRBp2eEJl7icbSvgxWv3b3WwrSiGHzcH-EII2IayFhEli3p82I7rqCCQPVv7kq8q5Ui6hX2qOP0snP_LaOUy7SRnVLHvPopt98GNzqm0kswQbwUh1Pksv65lL002xUo-CniIG80KUBNaJbTfYQYwXMecpFG1H44627f1oK2y6wqqMReAn_KGS7vhzLrl0umQr_Zo3EF_gwTIjxcMFC18C0v3orFnBlg0XEYlXAnHOdlWSUZZqgK_WFH7jud21grmqlNryrIaJDqPBWXKxc6K5iXv38vmBIOCnmxGXqYHaNAR2RvWAd-85D4Xs1MIr_Xf0K5Zli6P-wXl_0nVPpzBJx0S6DcMpiLDVxounyrMfqvnNbY18iLVWmhzoZj1l-fHaA_119TCvwAHygzmOsoICIvK7dSLACBg6GPmNiF21FUKkLqcjgtonZdfkK-3h1ND4dbGQt7YhR5SquNxkp7Uo3WRlpVftu6ziZlmn3ob6tzRLHqqYicO8YRzd0d6yxB5otlhZEmseR19E3Y31mwsKXhtFFr6YvGgz9w_xDSLOsGBGavp0qsyDa5K2ehpEfbCaEK84TptrZUCZKEEMlLH9092QyHEf9W_KxIc-sUcrU5y9MUzpnx8tLgFZeUYD0dREVJXC_A20Snt81MWgNrk7X-3ZQx-JDBtEuoavOXbVE7wCpbt40ETgXUpjH4PLNN5LmEJNsP6GsJVvoyYHeuoG-ERyfsi1qPuG3hUIzEBuz_sKY_C-nEy3sYe8jsUZg3xyzKIBotwbcoELHBd6b969oh3qWDc8k_IKN0j80sYlJsnWv4eO1ziunz-b21MNF6YsFJOhtyP6_qy0wje-eyWwuKgGxRZ_h28GCQvvB95naieeNUQS1ptlva3PBIV6frd_9nXwTFsxpm3FRy8zcqBB45jJHmmcOEDlIKuPDBn2A2C4LuLHsZoLtlyUid__vAGytr1255Uswt1-wM2gkaZo2AWvofez1CIqGXWd7WzmOvVpB1sdQWOZk3wDl1VhvacVeLgAUd8nP405gM1PZ8A3erFRf6eMSUp_BoLzKZeoSJEeqoAO91Bgi9-blNVusKaAtC8XsdDh0TpOXqnKnzJeGeoe19dF2D_zMLkdJZjhyQfEnOj82K9zzCQg5d2LhaXPcY7Zsdk2jOsq4FvPq8PZPoHEzCOtlUMgoDdhky2EBD2pKP-wVE16JhGkvw9GYxwDy9-RnFlYiQ_qtdezLYhcfaGcO7iRvpnoQHOdpI1Lo2Ng65OebuJWg8kb9t-19Ld2cTk1UABuN8RSnPIp_ksJbs9KVFpa4bJiI7ZXiYgEXc5KXylwIM5HL0qJx9hNggwvYECJYYItoqzZblB6uq3R--8kYkSU27RAWi5kgy0td5MB6-aOqnQzkLwDpLYzuUrqe26QWOJJqTne-r8ym14qA109OFMSUp3a4M3TYeewPbhhoGsEz-qPC0Y8ApmXbStfkDF1jXG9hYU4NRP4D11I8R_wBESXhHrz1dqWvyMOxPmqpLGn7WzePwCPyqJSE9N0l7CHEMAJAcY2UXPG749GnbOf7fSaINmq01L3H_ZN3qvm_9MgnQGJTIa7Udsw7PXB9JrSfxS1mqtTWdwtRORdS2AMz7alVrR2-cgyF3QbC8jTYl4XrMBB6DuWWd6Jvkews0uCz_nFNS51L7VN1RF-KUbeqz8nH-YbA86FZu5DFplUfqYZuG0z-sy2A-yvwsSRVEStrkvMHJvmctxHDdIzARBAwy6lGirBDCfsGMrcM4YulDD-dXUUFUFa1S1fsq7BhlZaIVUuP1MXX50PNuppt2lpOKf9jgAridBF7bVQgxXExQLmpUfRFJ-LqzCTBVcDEiZuxtCpIEHtt5t22V2Gm-1HG7Op_TzsvYR_vc4wWvaj4rNGXET2VeN0V4Sj4AdwoTTFat-aBlNe_X__VhRXdbHeOCr4XP5c2LLBFK4ZLt07Vml93xXZasQ-2p4xb20HL8Vm8kao4sGkWWwfLE6VKfk4spMZ6B2QhlmtjhemRCh1cHuFVm3WOTjQb9hbijG9sZwNku7bRAefiia9Mmvy-LU0SkzPVy6p4OD9fV2Ft8bbokhvFWM9Lv5FJrBgi31t2vz0fBFR7BQsNZndopRQcLE4e5nBGpPUebRkrNc8WM52U7kx6_alV74h6_o6ueNHa67BMPDT13ubLi_R3z2MkohGH8xwvv8Q_fCkwqvhByZxoxxNjL4KqPs547YM3gjPT5JuAzvBJmExeQwdVA5s-Cy9pFFA8ZK_c24-CvvijZW1KeMlLeqjGr3ED5U_HiTEtOTfLoY7726IZoPfHBe1CZ9Qq9lugBCXodQfzBsC1711tnvoKwAVe42KV5CxJxM5WuqTRR6-xugF2P1LdhHZ28zkrYHHmPq3g7uwnEr5XKsGx8yyiqPOYpQ4fUCPUb_X151S21tFq357poC1JQeqSB2XnB73piW1tuSO7cB8gQHWRlVMndi0QsOXs85-dOKcujTgXvM7Q4Mkub3N4f5TRC9sOD4msxYMrtzxOPZ77DXtPzV_2bw5L9teWWyLXvAArJsGqWYPVyJSeEvSKCdBP_vXOttqxcvpiabxAe1X6NaD1lB1zq-0RMNo8T3sTiyruZ7rcpklf0_i9kr8hxMcByzZLIXLjr6KquspfGggKjmAjiWeJsSpHelE6sIAL96UgIAk_c6f9z5DE5lkqBQNmlIvdK7l1FZtW8qZP6msmMEx7Qi5Q0o2ILigrpD7JgREmTZhuMKIRQhnJODZg7f9CDwIY50cgyDMQ-4YUiP01djybDZ9DHbkq-BJwFV78MDtKSDwkyTh-oglYYurGp-APqvSFwhNufqRNkUckdeol0XtDS8GG2B4NIHUymZlG-Hz8CgE0NRkhZOWL608iqp9eZ_s3a3mlHLs6S5rdo7BSrGMQ7Bjx_gbXyECdiRXeR4tY5tZ7htK04BjS9pJJiY7Q7dTFUI8tsrtbx9eTTQMLLbzH7uQkzZX5vw3dhT2P_EIvO6unKNl4GdsnIUgPAo6I4LRDbRWbSl9_pfOeQeiQrzp40ihjZUckPhUf_ih4VrwaNiakgn9iwYuUceSq6bT5Pzcqf6oGTHRKTFLvPwMvF7oUU&cid=CAASJ-RoRI2xraQk8uC7jwel8HAOnTgllNJ945HrZl1rB-1iJWoUjkSxOw&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f8c58c495cbcbb6d56e6cc071aefd71729a314604c6d6d30292a3a39fa68b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A71B 3 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A71B 17 KB
7 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:14:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A71B 0
0 133ms
47ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkBjywXiPr01b2M2C_XKdMItBaIGQEkkTiCF_kY56EuGB4DbMdpKSCGkR4uZs2kiDZzxIkeQtCg20Yx3yAsicdpmzQ-A
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A71B 140 KB
43 KB 224ms
138ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A71B 42 B
63 B 158ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BF3JYouJfM-clD1qs1f3Az-X1FhJy_9Bh8h_QLy-rC7iobldPVQFQAHVBORRk2gYgQM4sGEo5JZTQS0SZ4mtquhy1awEdVFcA7Q_3iZOXrbblltY8

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 593A 4 KB
732 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:12:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 16:21:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A8FC 5 KB
667 B 131ms
47ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:16:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 16:21:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A8FC 2 KB
902 B 55ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:19:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame A8FC 23 KB
9 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:10:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A8FC 3 KB
1 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8FC 140 KB
43 KB 123ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A8FC 17 KB
7 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:14:48 GMT

GET
H2 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame A8FC 32 KB
14 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 14:00:52 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 593A 19 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 14969459707636190018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:05:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 593A 205 B
294 B 132ms
48ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:34:10 GMT
x-content-type-options: nosniff
age: 6422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Aug 2023 14:34:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 593A 604 B
918 B 131ms
47ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:36:31 GMT
x-content-type-options: nosniff
age: 2681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Aug 2023 15:36:31 GMT

GET
H2 200 8474361924823778003_222548466414923371.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame A0BE 82 KB
83 KB 122ms
38ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/74695522/8474361924823778003_222548466414923371.jpeg

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aee0691c1e66565ade6bc5004cba455f209b8999411b3887f45281fdd270a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 11:43:00 GMT
x-content-type-options: nosniff
age: 275892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84076
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 07:47:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 11:43:00 GMT

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame A0BE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

38ms
37ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:12:04 GMT
x-content-type-options: nosniff
age: 288548
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Aug 2023 08:12:04 GMT

Redirect headers

date: Sun, 14 Aug 2022 18:59:23 GMT
x-content-type-options: nosniff
server: cafe
age: 76909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/624907996767536446
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Sep 2022 18:59:23 GMT

GET
DATA 200
OK truncated
/ Frame A0BE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9057f053c23ec7f79a0ccbc7e389ea12fdbe601d346f6b794822ddd062a4dee3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2CF2 0
0 113ms
72ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080901&jk=2430929597675077&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74B9 624 B
445 B 90ms
61ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUbTIwW4RcmGIy1UiK6lbUJCIN1eMKhUo5RCJe1l-_bIP9Lj1tMKmZRQqpl5KFNgYhn3zC7LUKSA9-cDrwDY70qacmluXHrduGYgfZYSsGP-NHpvX9-LCVERwaBM39K4l1kBGLUCEZmEksoj6GFfpCSr02aE6MpmKs98Kx9zCAspdERycA

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:12 GMT
expires: Mon, 15 Aug 2022 16:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EED9 83 KB
34 KB 106ms
80ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5w1yNnMeeKRLkplUnXgaqPkK8mmXNzERfl0dRky77GxuLsfpTsi43jgOj62AM5FR_y6PBWcKcJfpQvWQNNr5AjKYG5FRQ7XWXvbph1zAy-kA88Q1Ew0vwZc3VtMfKP2E9Mh7X4IlBdxLeFpNE_E6U7tW_8A&dbm_d=AKAmf-D7AiCAK84AKrjd3U2_6QTa_nQJuGu1j0QbnM46DKA4GOEumXugZUplgK6hB-etiqwiZXZsVUGEQQyXjS7lD1dv8dC0zlxUgd5I5cPpuwrVLMvKtA-KaErj6ctf2BhqUQdUuewVfSy7as1E6m33wKOsyqw1nMm-8fReMOVeSECUQOnkF6NzF0bZZ06Fe31p4zUS2mYTnit9d4Ns1kQTRcN6sLB5W-8ez-CK0NSIg8TtvlSn3HIuXhaigy2rfoaqXGOm92DS74leleNpjwrAb1N_YBjCenWvWHmJDM-h0bb_kWyREoXt467uqRpoZ-4bt31XhjmcGzAhB3SQ0d9QoXgNyHCmQRr8i0eRRMCfJ-hN1Kd-jisJkftdNNshr0RKUxIryCaEIxErtkaGnKrm23gLekb6yN5RZ70U6e4e6MvBuEG9L2EydEc0QiC-P-7wBGMHZJ3yGQNYb8G4s25vkhQfvyYn3k1Ux8sg6HK133lFisyJ6ifN1MA71pUP2Y8E5d3mM0rSXe7Da3mjiCI6zhRyQ7FknZpUVDTYC4QDdwE9MCU7A3cgL2eyEegNVkvRraaN_OPkcUUaWIai9PkwhRap3kHdcpMPm0-SGGRA6Djeb2AMxW-glyAABxu7-gaHhrngKG2adbJkWTO4zTQHZe6bfcDTbovD-TDVX2lcVyhKTpK8mp7LioWnLDLhbH3aiE-6k6mmgi4tL7ZisZXeKPtDb4xH4nPhJr_4m-ZozQqQBiiTH-jlgaDhfuRGMgNXhUfbmvAqYV6Tx8LprXfQ7XdJjrc5bF7Fl4BkZmcT7Dn3zLQvqEcvgtMalnmntKh38N-0iExDXz1kaka8m1gfczhaFOPVpVLN6Akglr7q8VJqRd4nJBNlzAUi0KgorOtbRIyVrWlGAs5yU8lLT4QLdYB9YrPZnTbCaGQXKsX-27F4G5780GgwSNtJjsupSb6TlH7gbppJ60GYDiguCvY264h-Lx5EV-R7LbI3XZVVDoGiGVq5wDEuGpCxhvQE1LMPBCMy9jvu5W-3QT224KSwaK-cukVlaJM6GWPkzVS6hNTd-nPmQ_4vh38d8MASJ14OH7jEHnuj_YejJM21CjhwJAFMgC305Mu7S5qtCSqKEgKqI77Bp1B9RYgRXkyESvg7kbKzmbkOi2dYb_lGyG0ic36uKztKG9vIatpcRvBT0R7dmnJMcYMD8n_Ktqooj3jslPu5QkcB3Vi-eFt3HSP1pEZ_Cw06ZCYDjBTFHbRw9mim-3D3YpXDUD0SbGCGd7LZZ1NWPqX3MMtFc55AV3VTRCwg8LCXCkLXvTzbVLGoWHbkiiG_Dg_CIFfHDCQkFyA5FtWTBWzVZPLX-dlolLtlrFiFN3CCe2oLj0FW5NrUeUPfF33tEf8OWkUdjRwtgGp51zssl1yOik5f8a3OC9eGjkPV2OcBvOQef7fDBMnj10x_dpRmMldpR2hcjPqMr5VB_4Qe8iaQ04-LQSWGIU3FwVhtPU7pk3A0WWk8SuBucDDEQnWr_zHgrq1x_970iFOTvtASrd9L2dhWBnr3LBRKbTGGNYC-Yo3C49jESr_gW4fsTP5Lc7cQ4k3fqHpSwjzXi504ACBkNay0kfWRMIdjnAhrkIz8RdQ9Om54Ldj4Rz3cggPMDe8KJ7U3z4Mg9ZaDGGd44d8vxodTwdNOJkHynR_ObWZ_8UT60ofS-eZt8JiswKiFV6PZKHpHHICwojw3fZMzB4-EoS-76scQS8CYX1R-PbB8a8IQBTZn3OnXKx5_NJk0LDFcPjpKvZe0neCbWxJdRUTMuyQgHd1M97JwZaQ1o4gjFiYct_Vk7aHVhBXvv-Cs6EEZLwrlTA818fNqcS14ADjDdBL-wcJG2mq2pH1fV-z5FrlEJC45Bv0ots6oMJ8rVsxt3o1hoNG0U7zJONSjumHaOnR_Tn-hq3pv_eGZAKQMdrrm3_tP1MrE-goeFs__53EiAt_pbKwPMRFvNrb_6Yr6Ob16_FMPnZZ3R2t401Yrsxq7KAgmHN4qNoT-AEYVO-P7U3VMQsu0MqNufgUWbu9vOoxDfZNKg_lEzEZbsTSBKHqpJ5KGPDlGy4R5Sem9CRVacc_cqEcqGRXqEBVisajkRWc6r59o7-vlxBJOF7dYrt7MYDsLwLSmdnj5_2LoiQFUobsLkis3HVskwSy8gmSnzXhkMNDDxxNRkkJd9-7y5IxjiQzb2t8zLIATCYsisZY8-xNAdH-ciuQmFQeK7WpBMeuiKASZ0bhGsLqGxmhfZBRZm2C6B0hdp4kalstfP2HRssQgUFDfBpXAWU6qDRYMF3Ycj4SJfiZbs4qw5fs7daZpsYkS-Neyo5OavE9-bQGLm2StUn5EiFFhB4rhXsZObB_MrWn795CTkLJ-gc5fXVUo2kIz01Q5HxjiRSE5EdTKBRORtWSeWsM3iz2jqiS5s5YKDS4NoVemV1lQoinjOdJCAqQGgjyE1kBLrnr8EEpMteuK1kfXrMQ_JttN7Kc9250T6vurzXNTlFc127iJoycJ_GY9XodYoV53m5v8snDe7INNm5zWekQPTnvRFxR7Ejs00YWwYrj0onfC1Iys8ESN4R35WpcxpXWrHEr1sQxXE6mYrtCoXiW9RgKUM1VwM_qZkocgvtLcEceUtUYV6lSiiAzimyEnvhTGHkWXrZZWpmOY-zG8Sv2dUAY8MzJGvTdG_n1K5ZEwT4dDYeDF4SH-yIpOVSiPbkyydlhPCHsFAl1uRQTrt8hzsAdk7IIAMj6jxHgNHPxJMX49G2ozSCT3EtdzhdXm3s3B4e35S9SZ1uYhy-VmAJ4L6seV6cO_MIan9qxSQRCft8GmkAg5e-gkKbj4lVSNPTHHU-PV_hLTcCumXTjJf9zg7bLYJhXiB7S4GRWwUtO19izvFNyJ6buQmwB2k4KM2V1uzvzwjPuifcCw513gClnIXkN6Iaad8OBh6MnHyxd2acZauKA585Mr6OA_9rPyTXcSgtSVKvGahTdC20RpwMEE1yB_CUDeo68KPbR5cGjHuqN-rkxwpMRkp3JXIkclCwEUuOuAqDkKWm4luVeiJi6XTZrgwHHw8dCA7jrLJ3kTgr-FBgrgzZrMQpE34qvv2jz71CH7zXnxYtQ8Zn1yifreP7mYdt9pfaB2YZaZQj4ZCAhbc_VgKaz-bPcoTnkNhtLfHyr-Ydb3X3FZcsp6U6mSuj2Do38LitrTgOTk5siFzyAk9FdWFAzIvZvcQ-VIKcQbAAF8BkJdSU3_UKny-gtUqJineG5CPWLCy1fc4uiPrCyy6hAwtMPbfnl5A4kGSBYlBSHk2L8QHYo6-9EPOyUl_aGa59OPqnX5CxZrCa0utOqb8R2zEQ&cid=CAASJ-Ro0-4_8PPqieqUB1qBkJF_cPJ77tUg3Jz7Y-7WInSNLkeKx64eLA&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad02b19518e56e52b942d8aadf80bf2892d0f3bcb74b3d183cf211938154d8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34856
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame EED9 3 KB
1 KB 55ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EED9 140 KB
43 KB 99ms
76ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame EED9 17 KB
7 KB 55ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:14:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EED9 0
0 67ms
45ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQl4xgCbzxb2s_O-cdvXy85DQTP48NjAsak_ccig_oYsDcurOlJvYoEMbRX-kNAyRoqEiseI5u8UYoLf87Xkt55o0xQ8w
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EED9 42 B
63 B 93ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3tir6FC19ZfzYwdZd2isa4aiy-1KF8dp3-IDdwMROKmtMd4Tj1TXsIPlRKRrl9V9sOir4aK9qEqi6B1-CVjUYgnB0dAF4sO0DJWAkIZVfvw0Z8Yo

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 22A7 6 KB
3 KB 49ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 990D 36 KB
14 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 4F97 44 KB
44 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kooora4lives.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 578943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 23:32:09 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 33F4 143 B
222 B 86ms
84ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 15:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A0BE 20 KB
20 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kooora4lives.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 497252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 22:13:40 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A0BE 21 KB
21 KB 75ms
75ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kooora4lives.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 22:44:27 GMT
x-content-type-options: nosniff
age: 495405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 22:44:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 72F1 640 B
316 B 140ms
61ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjD65C_ATAB&v=APEucNVSdHIIE1OdiHrRibWMr8Xm1btMp_LiFqmWhxE07k4wCr683wjQrH3QNaTTPzzV41v0uw95IvPSdvMX-HaQ_EFPnIpnxxNgvBsfEeNklU_WaAgHPqwTbuaX5a5q0ev-sOREgoeGNQ97iCthBZNtkuBXL0ufe_WeSL5VyqCvuq_uoQPtVFA

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 22A7 80 KB
33 KB 155ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjyUl8UC55ycykeihawZlp-r8YO9NYaWlY6JVO8Yy8dLebovxzTSnPr7UAqHj0yqKIS8KxqGaqD5nsXiYaEHwNPMWP0Q&cry=1&dbm_d=AKAmf-AU7POgwxzmTZx9GL7LEAY1oQS5VhDBZfwOGN-3euxJptT2iiVDaoWihRarTbV984XPPOQuZ0UtIZWwjQ96hsf5i3kM6IM-F3OwqEVFP-TTxjNvrLaVP3PYrQTL9Oq8Uzwehde1uk0LgWZ0EV46axsyPYgX8mKcdQbgRcYPy7lDEa8ChXmSyxww39mu3u8ZvMz2Nm5ArOB-BbZA42R9piL-7E9UotP83QKhy1QKa4DK-gFNuC_gkltWXTOSI-rkM5TE0AP2n9z9eu85kp0hWwEMg6QUvnUuPMlF-lqpjw5SLC5Y2QeXY36LfQb58muFuXbosLH8Fm-b_dhx8eRG6FWdAKbj6CvDf3phLTwiEMtd0i1n5rf_ruqXku-MNQBQJJTvlc9NI6MBskapDJ9oy5qdpqUtNUFTZaIhbrNyKmaCsVeWu2gHCoU3kzZ2bj4JGMA8dSQZx__P4RPadQi1OLTUYxz3-NQegIcQ1_H4V1y5nkZtnf8sBD50LufnXo36Qrr3RAiNmI3jNOBOYMen8SzAkRJ9dW0C_KuPYcKLdH0bhwKpORoz5GmVAENFMMBRckqhAcY-OXyuQIgbZgO2UsGKK0US6nThgJ0pvP3aO8fSFQ04cVJ_NLrTclFDGHf2Oa9lBYljLHXnwu4P4ziyDCU8RZbrDl5NUqmVwoizoOTVElcdMA438mNlgiQ-fIpQ7UOhWjZProyWp0GPZCm6S9yLze_tmv40cwgLX40FBdYMSbdf-ZJwAlzBcz2L_MuibEwE9PQM7z9LO0Z0FknQJRapeg8aI2VCbYqz5Kk-jS4JRk_PiritoH92mvY0mGGb-MU-5uejnj9cOHsrdtYT2SD44H8G0tFW7XgbW0y6j_ilDy8qirPfo-1VW4r_NmnNGCvnSOS7doAGvkZLgDDECZ3P4_vAZOPlpIDbfp8XWnU6iaDNPc-wbUnGjSqu2m1bdg9HBcIq9nFTeAEteolDogzA19CSFg8uY1Acv1H2puqs9iq3in4rPw0uGIeQI7cQp99XUNg3o96n6zYPAKKOFfics8npXkWdBAOVndy63tHB48hS5adYI3_1UXgAAyNDYp5P08wJjBORhYz46jMP_L1CDnWLlF_5erFxSorOvHZmkA0uUlqNGq4cSoYpQJWLmsNxWclJsoMGXx1g0nKyBmJqEhphvhFCQT40wM8rIMkLYnwIq-ujajzwEQDe7uKXzQ-Fc_o4kVD4prcFex8mZGloUs-dnjc9gNJWCbftc7JCdRSqpbjABFlxRutXQAFKf0tZ6muIKOXel84Yl-aez0cV60xHPFvgP6aqkSfBRQgzKUQKAoLWNPTVI8Q5v8vqHA9DiO9mpaWTCORnqSgRMH7Sv1f6b779sM30Z2YN83d-EkKqWZaC06fXrcUrNLDslFCkpiLGk4chuiEfsmH1fPmq67lDZiYUhye92H3B2tP0R7ucHh99WjJOPY2fVTuLQ1vunSlt891lhjo1V_fzo1mlcM_ypO75D6qcHT7D9H6qZhWXasK87sNfqA3mwG0K2UX3opH-dq1vkdOK8wtHoOYnjKNc3mqr7e5ds7H4nR3ibx_XnWs9SMC1Fl0zH9ulcip7_XhPs8-slwRpQBFZWAGpXQmeFsicXNhN6F7XqvF4P3_BWgz92SMcUMdXxwQOK9xih2cxBgmDV-Vk8-wE-IpnZB7aacPi6p2qoUfhwPbw8IUWLF_o2B1w3r6TRN1wfVX2Q56kqVzQz7MKnf3GBEwhK4jOTRNAs3Xlwk8WtxcwnEIVhuyr9JDChnS8ODxYcvu4Guu0r3ixdz8xm6GnI6b0KBpy_2ZQTXA11F4lMPRduNisbECnjo-o8hpThHaU3RflrhKTmziQpZqeNudaSAF1PxIHQrg05woF7JNsIWkgFihfAYj85YGofz3uAWWDNeKGxrHCjTGr-xu9d9e9bgkpJrMnYYUj_hPATM2ye0xYMfXB9G0UyRAFOlM_OjAnfyMAkqsw_4XM0cduCFJsLYWm4frACjQ6MswQbFZjzdu9hUdGTm0ezxEMfqxnInWZG_J53yJaZEGVJvsS6D4pLNXU9rRYbu9R9rUqS-U8VNLQAYzmiEEpI9cIAg2_6j3M9kGab-_81rP4MVgZZKDOs0A3CE14XsH5go_aW2JONz7WU-t8oFvlLUvH1ILwwmYD7KrRt9-fx2An9ZeE9vpG4pCpmYtJ4zOpVYjRa7YrLbl7LgE3Eqf0HH1VyO6Zvuu4lZ5bGS677aMl4donEZHMFWkxpqroXe5ccbgRIsi80pwgaY7hBJQGKnVcwMFlfZHQuILrvcoXf6ZbjlZ4ESCZeNrsRR66hPaqUwwipPYaCoLsjixfSnp6Mcb9ufwMKGcIpgldt7kfRV_bSAL5MqEGU4Jno5otGfnK74I5xRC24l47gp-AiubBPPWpFALjFTqBsbB-Fl8Pjl95RrnBK7-jtxGoBzDk3BGa2du-O5xaRLbB2G-rYWQ07kuWUuDvBYGcaxe49fSbktC7Wol0FpR4dD6HKEBM6tu7oQEZ47-MRJJoq41qyjll2GWc19YIV-ElvbcfIj0z0nNqDBSKzk_LD10O5ZeluBeGlpk_P7-MklIUxQPd3Dx_TwbOB8GTYe5G-mXTqrBq1LQzEWICFOZYS_qF5LWPhjhH2mTiFV-dw-pJsi5KohGxHNYyswBOoltnGcixXZwUt_YY094BnIaVMsbANVEqMFBC2EuQMJ0sPq526ZUZDFz8rww5W8wd0WI-8TJkGW00IQOzhouKcaw-LjH86lu5VWd1F_uBrDnCB4pQ1tOA25erXGztttvTYbPTUJ5LKxc-qWUQZ0oOdADY1smAxvIo6oonoRlFfvZTo0admnojwWVC7CeGvNBvSj1IpGqU41YzYZLvaZ6O5IHZBvcsfX3Tk1OM8iWSLxunrKQi-0FpYdRb30ge3tk2_8OjjEyDrYtXcDrMKXZrPxvYxgke0CJf-QzbqfdCZsqMi4bOhHEWhRwNm8aju-6nkl0_gKesQxUsoxM-M-Gz__GEumtR2BOddiab2PWTKFrQYpppEsXoEgMXLPOlAtyugkcMqbrB_N5XFnUd49866bIZUr4xtrWwrgCm3U9Uq4WHcupsnGNJkNRukbXCLsg-vDr-1kqpEnsRzZps7jj2gqxy4Nl19kv-e5HqpwYpc2HQiCHLssmBJaxcRBRgEEswAEmgRmXlGKnxha_Br0PcMnWjuuogrYRP0v_kI3We34M1gyUd1JMMJfH_4MaosDWmWCUvGN3uNORvNcbm-eijCa2jcqctPu2ofA&cid=CAASKORoGgvJ8EB1ieFjTAcVusZ4D9coK1B91uFefW7pbgGby72sROrQPLE&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9700c7f7a3f4486aeed37c45c5f26ac789894f03d564dc291f2b699e3f214713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34180
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22A7 42 B
63 B 74ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuxOin-dVQC3pX7zQxzGllshr6vbV-9q6yyDroNVEI-n4PhwN0Ym0RvD0v5VlG1oWBSA1gTetgYzcsC25_r264Xyo_2C2yxGWgtBTqaXkISnXQmxg

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 22A7 3 KB
1 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22A7 140 KB
43 KB 56ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 22A7 17 KB
7 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:14:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 22A7 0
0 48ms
44ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtm9QfOmyjprxtJX-9R9wObLWq2ECWVvrBJ0WtWqij7z1MQK7FP0d9kOqPEdhnX6Bww8chL8LfmyrJJA6VFb8Pg3J-DQ
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8A3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

43 B
904 B

88ms
56ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWDl9fglKIE4ZsDxgjwWjMcoMWNA74LlZui6N9RACXPWMR_XzFSAIcXfNhbsSatOP-htVHvM1yqbxBKskg5i39ika4dIQ1vEznwJUHVkEowM1e-gnLS5AhT7FF6e--GmT7mUs_F2_QXDhgyUDpiY1YpV6wzjXvfQfF2IafkYDlOWNi_dQc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b34310edc39b8f-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQoH59A5TR8mUuj1Wtb9eUEdrGuj07rlUrgPL1v%2FtASCbVvEGCLiaz0zLH4waGvuclMtj4KXfB9IZXZEWhs0tSx9emUe1vvO7ChRmf0sf3cQySoG70KEWPAEAbH6cyRoeLDOdrnxRuRfCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8A3D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvpyeL8d7SG6SamEocLP1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

43 B
909 B

62ms
62ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWDl9fglKIE4ZsDxgjwWjMcoMWNA74LlZui6N9RACXPWMR_XzFSAIcXfNhbsSatOP-htVHvM1yqbxBKskg5i39ika4dIQ1vEznwJUHVkEowM1e-gnLS5AhT7FF6e--GmT7mUs_F2_QXDhgyUDpiY1YpV6wzjXvfQfF2IafkYDlOWNi_dQc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b34311ef1f9b8f-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiUkRXPQQXE6McIVEY8WffNjdk%2F1AwZBmeFhC80BY39GRsxTCJNUk5Iut6BMjg7%2BtMUouqI4q8BibAdK%2BWQTEMaH2DrVXGPI25L2ztWVNlTv9v7x3k7WdztQ54fyuOXQQBszh2DM7fhMAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8A3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1

43 B
1014 B

46ms
46ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWDl9fglKIE4ZsDxgjwWjMcoMWNA74LlZui6N9RACXPWMR_XzFSAIcXfNhbsSatOP-htVHvM1yqbxBKskg5i39ika4dIQ1vEznwJUHVkEowM1e-gnLS5AhT7FF6e--GmT7mUs_F2_QXDhgyUDpiY1YpV6wzjXvfQfF2IafkYDlOWNi_dQc

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 87701cab-d008-46c9-888d-1c0ac4c52b5f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A3D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D

170 B
188 B

126ms
48ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5fae8d80-4ce6-4b68-b5e8-71e426439730
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 74B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

43 B
945 B

86ms
52ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUbTIwW4RcmGIy1UiK6lbUJCIN1eMKhUo5RCJe1l-_bIP9Lj1tMKmZRQqpl5KFNgYhn3zC7LUKSA9-cDrwDY70qacmluXHrduGYgfZYSsGP-NHpvX9-LCVERwaBM39K4l1kBGLUCEZmEksoj6GFfpCSr02aE6MpmKs98Kx9zCAspdERycA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b34310edc59b8f-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqTjsMb5HzyCMCwIAK0%2FE9MGs2lUhW3%2Fl1wYxmIRUG1CHvRWiDg%2BP1FZIhAJiy16OP63lgiZtdQbiD3z9%2F0Bfn%2BbkVlwPY5icRhveGa0JkA3l44sk7HjsU91IMkTnpSpG777s5sqskw5eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 74B9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvpyeL8d7SG6SamEocLP1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1

43 B
913 B

55ms
55ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUbTIwW4RcmGIy1UiK6lbUJCIN1eMKhUo5RCJe1l-_bIP9Lj1tMKmZRQqpl5KFNgYhn3zC7LUKSA9-cDrwDY70qacmluXHrduGYgfZYSsGP-NHpvX9-LCVERwaBM39K4l1kBGLUCEZmEksoj6GFfpCSr02aE6MpmKs98Kx9zCAspdERycA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b34311ef1c9b8f-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxCIutwABsq%2FcqAeD9M6DrpXY9N%2BfB%2BKIy2bHw1psTfhBj1YfH%2BNx5GFIpGXugUBgP5dOJ6nkhNygpLzQ%2BzFN5NbxUj4NeBeNVR4TOpUyZNAapnX%2FqdZ2vHZseJtrBhG87dTsE2FkuNr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMLozUuN8lf1tHI8jRC5mc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 74B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1

43 B
1014 B

43ms
42ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNUbTIwW4RcmGIy1UiK6lbUJCIN1eMKhUo5RCJe1l-_bIP9Lj1tMKmZRQqpl5KFNgYhn3zC7LUKSA9-cDrwDY70qacmluXHrduGYgfZYSsGP-NHpvX9-LCVERwaBM39K4l1kBGLUCEZmEksoj6GFfpCSr02aE6MpmKs98Kx9zCAspdERycA

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0e529cde-451a-47f0-a145-a93497cb2f15
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIEs2z52vwQL6zSDgNmsUUk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74B9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D

170 B
188 B

113ms
47ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:12 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 430902ff-7399-4f2a-9e20-b15e3e47d98b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyMDE5NDA4NTE5NTgyOTc1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame EED9 106 KB
38 KB 164ms
38ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame EED9 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5w1yNnMeeKRLkplUnXgaqPkK8mmXNzERfl0dRky77GxuLsfpTsi43jgOj62AM5FR_y6PBWcKcJfpQvWQNNr5AjKYG5FRQ7XWXvbph1zAy-kA88Q1Ew0vwZc3VtMfKP2E9Mh7X4IlBdxLeFpNE_E6U7tW_8A&dbm_d=AKAmf-D7AiCAK84AKrjd3U2_6QTa_nQJuGu1j0QbnM46DKA4GOEumXugZUplgK6hB-etiqwiZXZsVUGEQQyXjS7lD1dv8dC0zlxUgd5I5cPpuwrVLMvKtA-KaErj6ctf2BhqUQdUuewVfSy7as1E6m33wKOsyqw1nMm-8fReMOVeSECUQOnkF6NzF0bZZ06Fe31p4zUS2mYTnit9d4Ns1kQTRcN6sLB5W-8ez-CK0NSIg8TtvlSn3HIuXhaigy2rfoaqXGOm92DS74leleNpjwrAb1N_YBjCenWvWHmJDM-h0bb_kWyREoXt467uqRpoZ-4bt31XhjmcGzAhB3SQ0d9QoXgNyHCmQRr8i0eRRMCfJ-hN1Kd-jisJkftdNNshr0RKUxIryCaEIxErtkaGnKrm23gLekb6yN5RZ70U6e4e6MvBuEG9L2EydEc0QiC-P-7wBGMHZJ3yGQNYb8G4s25vkhQfvyYn3k1Ux8sg6HK133lFisyJ6ifN1MA71pUP2Y8E5d3mM0rSXe7Da3mjiCI6zhRyQ7FknZpUVDTYC4QDdwE9MCU7A3cgL2eyEegNVkvRraaN_OPkcUUaWIai9PkwhRap3kHdcpMPm0-SGGRA6Djeb2AMxW-glyAABxu7-gaHhrngKG2adbJkWTO4zTQHZe6bfcDTbovD-TDVX2lcVyhKTpK8mp7LioWnLDLhbH3aiE-6k6mmgi4tL7ZisZXeKPtDb4xH4nPhJr_4m-ZozQqQBiiTH-jlgaDhfuRGMgNXhUfbmvAqYV6Tx8LprXfQ7XdJjrc5bF7Fl4BkZmcT7Dn3zLQvqEcvgtMalnmntKh38N-0iExDXz1kaka8m1gfczhaFOPVpVLN6Akglr7q8VJqRd4nJBNlzAUi0KgorOtbRIyVrWlGAs5yU8lLT4QLdYB9YrPZnTbCaGQXKsX-27F4G5780GgwSNtJjsupSb6TlH7gbppJ60GYDiguCvY264h-Lx5EV-R7LbI3XZVVDoGiGVq5wDEuGpCxhvQE1LMPBCMy9jvu5W-3QT224KSwaK-cukVlaJM6GWPkzVS6hNTd-nPmQ_4vh38d8MASJ14OH7jEHnuj_YejJM21CjhwJAFMgC305Mu7S5qtCSqKEgKqI77Bp1B9RYgRXkyESvg7kbKzmbkOi2dYb_lGyG0ic36uKztKG9vIatpcRvBT0R7dmnJMcYMD8n_Ktqooj3jslPu5QkcB3Vi-eFt3HSP1pEZ_Cw06ZCYDjBTFHbRw9mim-3D3YpXDUD0SbGCGd7LZZ1NWPqX3MMtFc55AV3VTRCwg8LCXCkLXvTzbVLGoWHbkiiG_Dg_CIFfHDCQkFyA5FtWTBWzVZPLX-dlolLtlrFiFN3CCe2oLj0FW5NrUeUPfF33tEf8OWkUdjRwtgGp51zssl1yOik5f8a3OC9eGjkPV2OcBvOQef7fDBMnj10x_dpRmMldpR2hcjPqMr5VB_4Qe8iaQ04-LQSWGIU3FwVhtPU7pk3A0WWk8SuBucDDEQnWr_zHgrq1x_970iFOTvtASrd9L2dhWBnr3LBRKbTGGNYC-Yo3C49jESr_gW4fsTP5Lc7cQ4k3fqHpSwjzXi504ACBkNay0kfWRMIdjnAhrkIz8RdQ9Om54Ldj4Rz3cggPMDe8KJ7U3z4Mg9ZaDGGd44d8vxodTwdNOJkHynR_ObWZ_8UT60ofS-eZt8JiswKiFV6PZKHpHHICwojw3fZMzB4-EoS-76scQS8CYX1R-PbB8a8IQBTZn3OnXKx5_NJk0LDFcPjpKvZe0neCbWxJdRUTMuyQgHd1M97JwZaQ1o4gjFiYct_Vk7aHVhBXvv-Cs6EEZLwrlTA818fNqcS14ADjDdBL-wcJG2mq2pH1fV-z5FrlEJC45Bv0ots6oMJ8rVsxt3o1hoNG0U7zJONSjumHaOnR_Tn-hq3pv_eGZAKQMdrrm3_tP1MrE-goeFs__53EiAt_pbKwPMRFvNrb_6Yr6Ob16_FMPnZZ3R2t401Yrsxq7KAgmHN4qNoT-AEYVO-P7U3VMQsu0MqNufgUWbu9vOoxDfZNKg_lEzEZbsTSBKHqpJ5KGPDlGy4R5Sem9CRVacc_cqEcqGRXqEBVisajkRWc6r59o7-vlxBJOF7dYrt7MYDsLwLSmdnj5_2LoiQFUobsLkis3HVskwSy8gmSnzXhkMNDDxxNRkkJd9-7y5IxjiQzb2t8zLIATCYsisZY8-xNAdH-ciuQmFQeK7WpBMeuiKASZ0bhGsLqGxmhfZBRZm2C6B0hdp4kalstfP2HRssQgUFDfBpXAWU6qDRYMF3Ycj4SJfiZbs4qw5fs7daZpsYkS-Neyo5OavE9-bQGLm2StUn5EiFFhB4rhXsZObB_MrWn795CTkLJ-gc5fXVUo2kIz01Q5HxjiRSE5EdTKBRORtWSeWsM3iz2jqiS5s5YKDS4NoVemV1lQoinjOdJCAqQGgjyE1kBLrnr8EEpMteuK1kfXrMQ_JttN7Kc9250T6vurzXNTlFc127iJoycJ_GY9XodYoV53m5v8snDe7INNm5zWekQPTnvRFxR7Ejs00YWwYrj0onfC1Iys8ESN4R35WpcxpXWrHEr1sQxXE6mYrtCoXiW9RgKUM1VwM_qZkocgvtLcEceUtUYV6lSiiAzimyEnvhTGHkWXrZZWpmOY-zG8Sv2dUAY8MzJGvTdG_n1K5ZEwT4dDYeDF4SH-yIpOVSiPbkyydlhPCHsFAl1uRQTrt8hzsAdk7IIAMj6jxHgNHPxJMX49G2ozSCT3EtdzhdXm3s3B4e35S9SZ1uYhy-VmAJ4L6seV6cO_MIan9qxSQRCft8GmkAg5e-gkKbj4lVSNPTHHU-PV_hLTcCumXTjJf9zg7bLYJhXiB7S4GRWwUtO19izvFNyJ6buQmwB2k4KM2V1uzvzwjPuifcCw513gClnIXkN6Iaad8OBh6MnHyxd2acZauKA585Mr6OA_9rPyTXcSgtSVKvGahTdC20RpwMEE1yB_CUDeo68KPbR5cGjHuqN-rkxwpMRkp3JXIkclCwEUuOuAqDkKWm4luVeiJi6XTZrgwHHw8dCA7jrLJ3kTgr-FBgrgzZrMQpE34qvv2jz71CH7zXnxYtQ8Zn1yifreP7mYdt9pfaB2YZaZQj4ZCAhbc_VgKaz-bPcoTnkNhtLfHyr-Ydb3X3FZcsp6U6mSuj2Do38LitrTgOTk5siFzyAk9FdWFAzIvZvcQ-VIKcQbAAF8BkJdSU3_UKny-gtUqJineG5CPWLCy1fc4uiPrCyy6hAwtMPbfnl5A4kGSBYlBSHk2L8QHYo6-9EPOyUl_aGa59OPqnX5CxZrCa0utOqb8R2zEQ&cid=CAASJ-Ro0-4_8PPqieqUB1qBkJF_cPJ77tUg3Jz7Y-7WInSNLkeKx64eLA&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame EED9 30 KB
12 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:20:27 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A71B 170 KB
59 KB 169ms
78ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame A71B 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A62ifhnNnb4-4sjkturs9g1cSfH6Abfcd16y0iw1Vmx6X5rPYCImjVYD7k4QH-hkR3vETgWW8jNZrssxx4kert4pDmjfEaU_1jXgCRgY87bWbXFBMJyNKP0JKzk7MICevdIXNqxCJuyINteMXtao3gFD0Ntg&dbm_d=AKAmf-BxeybuL-W3V7yBRdVn8ei8IEG0qYE_kryBCWlHXmIdJe24LMuJoEYtmjbcYogFKGL2rRBp2eEJl7icbSvgxWv3b3WwrSiGHzcH-EII2IayFhEli3p82I7rqCCQPVv7kq8q5Ui6hX2qOP0snP_LaOUy7SRnVLHvPopt98GNzqm0kswQbwUh1Pksv65lL002xUo-CniIG80KUBNaJbTfYQYwXMecpFG1H44627f1oK2y6wqqMReAn_KGS7vhzLrl0umQr_Zo3EF_gwTIjxcMFC18C0v3orFnBlg0XEYlXAnHOdlWSUZZqgK_WFH7jud21grmqlNryrIaJDqPBWXKxc6K5iXv38vmBIOCnmxGXqYHaNAR2RvWAd-85D4Xs1MIr_Xf0K5Zli6P-wXl_0nVPpzBJx0S6DcMpiLDVxounyrMfqvnNbY18iLVWmhzoZj1l-fHaA_119TCvwAHygzmOsoICIvK7dSLACBg6GPmNiF21FUKkLqcjgtonZdfkK-3h1ND4dbGQt7YhR5SquNxkp7Uo3WRlpVftu6ziZlmn3ob6tzRLHqqYicO8YRzd0d6yxB5otlhZEmseR19E3Y31mwsKXhtFFr6YvGgz9w_xDSLOsGBGavp0qsyDa5K2ehpEfbCaEK84TptrZUCZKEEMlLH9092QyHEf9W_KxIc-sUcrU5y9MUzpnx8tLgFZeUYD0dREVJXC_A20Snt81MWgNrk7X-3ZQx-JDBtEuoavOXbVE7wCpbt40ETgXUpjH4PLNN5LmEJNsP6GsJVvoyYHeuoG-ERyfsi1qPuG3hUIzEBuz_sKY_C-nEy3sYe8jsUZg3xyzKIBotwbcoELHBd6b969oh3qWDc8k_IKN0j80sYlJsnWv4eO1ziunz-b21MNF6YsFJOhtyP6_qy0wje-eyWwuKgGxRZ_h28GCQvvB95naieeNUQS1ptlva3PBIV6frd_9nXwTFsxpm3FRy8zcqBB45jJHmmcOEDlIKuPDBn2A2C4LuLHsZoLtlyUid__vAGytr1255Uswt1-wM2gkaZo2AWvofez1CIqGXWd7WzmOvVpB1sdQWOZk3wDl1VhvacVeLgAUd8nP405gM1PZ8A3erFRf6eMSUp_BoLzKZeoSJEeqoAO91Bgi9-blNVusKaAtC8XsdDh0TpOXqnKnzJeGeoe19dF2D_zMLkdJZjhyQfEnOj82K9zzCQg5d2LhaXPcY7Zsdk2jOsq4FvPq8PZPoHEzCOtlUMgoDdhky2EBD2pKP-wVE16JhGkvw9GYxwDy9-RnFlYiQ_qtdezLYhcfaGcO7iRvpnoQHOdpI1Lo2Ng65OebuJWg8kb9t-19Ld2cTk1UABuN8RSnPIp_ksJbs9KVFpa4bJiI7ZXiYgEXc5KXylwIM5HL0qJx9hNggwvYECJYYItoqzZblB6uq3R--8kYkSU27RAWi5kgy0td5MB6-aOqnQzkLwDpLYzuUrqe26QWOJJqTne-r8ym14qA109OFMSUp3a4M3TYeewPbhhoGsEz-qPC0Y8ApmXbStfkDF1jXG9hYU4NRP4D11I8R_wBESXhHrz1dqWvyMOxPmqpLGn7WzePwCPyqJSE9N0l7CHEMAJAcY2UXPG749GnbOf7fSaINmq01L3H_ZN3qvm_9MgnQGJTIa7Udsw7PXB9JrSfxS1mqtTWdwtRORdS2AMz7alVrR2-cgyF3QbC8jTYl4XrMBB6DuWWd6Jvkews0uCz_nFNS51L7VN1RF-KUbeqz8nH-YbA86FZu5DFplUfqYZuG0z-sy2A-yvwsSRVEStrkvMHJvmctxHDdIzARBAwy6lGirBDCfsGMrcM4YulDD-dXUUFUFa1S1fsq7BhlZaIVUuP1MXX50PNuppt2lpOKf9jgAridBF7bVQgxXExQLmpUfRFJ-LqzCTBVcDEiZuxtCpIEHtt5t22V2Gm-1HG7Op_TzsvYR_vc4wWvaj4rNGXET2VeN0V4Sj4AdwoTTFat-aBlNe_X__VhRXdbHeOCr4XP5c2LLBFK4ZLt07Vml93xXZasQ-2p4xb20HL8Vm8kao4sGkWWwfLE6VKfk4spMZ6B2QhlmtjhemRCh1cHuFVm3WOTjQb9hbijG9sZwNku7bRAefiia9Mmvy-LU0SkzPVy6p4OD9fV2Ft8bbokhvFWM9Lv5FJrBgi31t2vz0fBFR7BQsNZndopRQcLE4e5nBGpPUebRkrNc8WM52U7kx6_alV74h6_o6ueNHa67BMPDT13ubLi_R3z2MkohGH8xwvv8Q_fCkwqvhByZxoxxNjL4KqPs547YM3gjPT5JuAzvBJmExeQwdVA5s-Cy9pFFA8ZK_c24-CvvijZW1KeMlLeqjGr3ED5U_HiTEtOTfLoY7726IZoPfHBe1CZ9Qq9lugBCXodQfzBsC1711tnvoKwAVe42KV5CxJxM5WuqTRR6-xugF2P1LdhHZ28zkrYHHmPq3g7uwnEr5XKsGx8yyiqPOYpQ4fUCPUb_X151S21tFq357poC1JQeqSB2XnB73piW1tuSO7cB8gQHWRlVMndi0QsOXs85-dOKcujTgXvM7Q4Mkub3N4f5TRC9sOD4msxYMrtzxOPZ77DXtPzV_2bw5L9teWWyLXvAArJsGqWYPVyJSeEvSKCdBP_vXOttqxcvpiabxAe1X6NaD1lB1zq-0RMNo8T3sTiyruZ7rcpklf0_i9kr8hxMcByzZLIXLjr6KquspfGggKjmAjiWeJsSpHelE6sIAL96UgIAk_c6f9z5DE5lkqBQNmlIvdK7l1FZtW8qZP6msmMEx7Qi5Q0o2ILigrpD7JgREmTZhuMKIRQhnJODZg7f9CDwIY50cgyDMQ-4YUiP01djybDZ9DHbkq-BJwFV78MDtKSDwkyTh-oglYYurGp-APqvSFwhNufqRNkUckdeol0XtDS8GG2B4NIHUymZlG-Hz8CgE0NRkhZOWL608iqp9eZ_s3a3mlHLs6S5rdo7BSrGMQ7Bjx_gbXyECdiRXeR4tY5tZ7htK04BjS9pJJiY7Q7dTFUI8tsrtbx9eTTQMLLbzH7uQkzZX5vw3dhT2P_EIvO6unKNl4GdsnIUgPAo6I4LRDbRWbSl9_pfOeQeiQrzp40ihjZUckPhUf_ih4VrwaNiakgn9iwYuUceSq6bT5Pzcqf6oGTHRKTFLvPwMvF7oUU&cid=CAASJ-RoRI2xraQk8uC7jwel8HAOnTgllNJ945HrZl1rB-1iJWoUjkSxOw&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame A71B 30 KB
12 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:20:27 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 72F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVxUPwFIwNu8I4VHQh-rJ4&google_cver=1

43 B
61 B

87ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVxUPwFIwNu8I4VHQh-rJ4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjD65C_ATAB&v=APEucNVSdHIIE1OdiHrRibWMr8Xm1btMp_LiFqmWhxE07k4wCr683wjQrH3QNaTTPzzV41v0uw95IvPSdvMX-HaQ_EFPnIpnxxNgvBsfEeNklU_WaAgHPqwTbuaX5a5q0ev-sOREgoeGNQ97iCthBZNtkuBXL0ufe_WeSL5VyqCvuq_uoQPtVFA
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVxUPwFIwNu8I4VHQh-rJ4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 72F1 43 B
131 B 52ms
46ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjD65C_ATAB&v=APEucNVSdHIIE1OdiHrRibWMr8Xm1btMp_LiFqmWhxE07k4wCr683wjQrH3QNaTTPzzV41v0uw95IvPSdvMX-HaQ_EFPnIpnxxNgvBsfEeNklU_WaAgHPqwTbuaX5a5q0ev-sOREgoeGNQ97iCthBZNtkuBXL0ufe_WeSL5VyqCvuq_uoQPtVFA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 72F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJDz9VlmvEYT5qkWxa8PixU&google_cver=1

23 B
172 B

230ms
91ms

Image
image/gif

23.47.209.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJDz9VlmvEYT5qkWxa8PixU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjD65C_ATAB&v=APEucNVSdHIIE1OdiHrRibWMr8Xm1btMp_LiFqmWhxE07k4wCr683wjQrH3QNaTTPzzV41v0uw95IvPSdvMX-HaQ_EFPnIpnxxNgvBsfEeNklU_WaAgHPqwTbuaX5a5q0ev-sOREgoeGNQ97iCthBZNtkuBXL0ufe_WeSL5VyqCvuq_uoQPtVFA
Protocol: H2
Server: 23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 15 Aug 2022 16:21:12 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEJDz9VlmvEYT5qkWxa8PixU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 72F1 23 B
172 B 321ms
90ms Image
image/gif 23.47.209.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjD65C_ATAB&v=APEucNVSdHIIE1OdiHrRibWMr8Xm1btMp_LiFqmWhxE07k4wCr683wjQrH3QNaTTPzzV41v0uw95IvPSdvMX-HaQ_EFPnIpnxxNgvBsfEeNklU_WaAgHPqwTbuaX5a5q0ev-sOREgoeGNQ97iCthBZNtkuBXL0ufe_WeSL5VyqCvuq_uoQPtVFA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:12 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 15 Aug 2022 16:21:12 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 122ms
46ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 122ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
35 KB 779ms
778ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=1963592210382257&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Ccube%2Ckoora4live%2Ccube2%2Ccube3%2Crich%2Crich2%2Csky%2Cresponsive%2Cresponsive3%2Cresponsive4%2Cresponsive5%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F4%2C%2F0%2F1%2F2%2F6%2F4%2C%2F0%2F1%2F2%2F7%2F4%2C%2F0%2F1%2F2%2F8%2F4%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2F4%2C%2F0%2F1%2F2%2F11%2F4%2C%2F0%2F1%2F2%2F12%2F4%2C%2F0%2F1%2F2%2F13%2F4%2C%2F0%2F1%2F2%2F14&prev_iu_szs=300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C728x90%7C320x50%7C320x100%2C728x90%7C320x50%7C320x100%2C320x50%2C120x600%7C160x600%7C300x600%2C970x90%7C728x90%2C970x250%2C970x250%2C970x250%2C970x90%7C728x90&ifi=7&adks=2970954390%2C1370635809%2C3434856133%2C2810031837%2C1126810291%2C2355895160%2C289759596%2C1309765914%2C2639330056%2C1588386032%2C4139080419%2C3317283087&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-8176806-5%26is_vmhbmp%3Dtrue%26hb_override_id%3D4763233%26hb_buyer_id%3D21895%26hb_r_id%3D29100ef53ea0c215%26hb_site_id%3D14381%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D409f6aaa945b4122%26hb_bidder%3Dappnexus%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Ctest%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fhome5%252F&sc=1&cookie=ID%3Dd562cb2546f0669c-2236843ecbd4004f%3AT%3D1660580471%3AS%3DALNI_MbQdLqF5IlzGSWCBvXJdLt5JnrphA&abxe=1&dt=1660580472433&lmt=1660580472&dlt=1660580469565&idt=1420&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C640%2C-9%2C315%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C1625%2C-9%2C1625%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C2%7C-1%7C3%7C-1%7C-1%7C-1%7C-1&ucis=7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1100x0%7C0x-1%7C1100x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1100x0%7C0x-1%7C1100x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C4%2C2%2C4%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C1100%2C0%2C1100%2C0%2C0%2C0%2C0&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4640e2da76072350a981b0d59d16d7dd92787d43a9994272a0dbe901d0a68a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35371
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2,-1,5850403633,-1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2,-1,138374456572,-1,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 22A7 170 KB
59 KB 115ms
39ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 22A7 8 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjyUl8UC55ycykeihawZlp-r8YO9NYaWlY6JVO8Yy8dLebovxzTSnPr7UAqHj0yqKIS8KxqGaqD5nsXiYaEHwNPMWP0Q&cry=1&dbm_d=AKAmf-AU7POgwxzmTZx9GL7LEAY1oQS5VhDBZfwOGN-3euxJptT2iiVDaoWihRarTbV984XPPOQuZ0UtIZWwjQ96hsf5i3kM6IM-F3OwqEVFP-TTxjNvrLaVP3PYrQTL9Oq8Uzwehde1uk0LgWZ0EV46axsyPYgX8mKcdQbgRcYPy7lDEa8ChXmSyxww39mu3u8ZvMz2Nm5ArOB-BbZA42R9piL-7E9UotP83QKhy1QKa4DK-gFNuC_gkltWXTOSI-rkM5TE0AP2n9z9eu85kp0hWwEMg6QUvnUuPMlF-lqpjw5SLC5Y2QeXY36LfQb58muFuXbosLH8Fm-b_dhx8eRG6FWdAKbj6CvDf3phLTwiEMtd0i1n5rf_ruqXku-MNQBQJJTvlc9NI6MBskapDJ9oy5qdpqUtNUFTZaIhbrNyKmaCsVeWu2gHCoU3kzZ2bj4JGMA8dSQZx__P4RPadQi1OLTUYxz3-NQegIcQ1_H4V1y5nkZtnf8sBD50LufnXo36Qrr3RAiNmI3jNOBOYMen8SzAkRJ9dW0C_KuPYcKLdH0bhwKpORoz5GmVAENFMMBRckqhAcY-OXyuQIgbZgO2UsGKK0US6nThgJ0pvP3aO8fSFQ04cVJ_NLrTclFDGHf2Oa9lBYljLHXnwu4P4ziyDCU8RZbrDl5NUqmVwoizoOTVElcdMA438mNlgiQ-fIpQ7UOhWjZProyWp0GPZCm6S9yLze_tmv40cwgLX40FBdYMSbdf-ZJwAlzBcz2L_MuibEwE9PQM7z9LO0Z0FknQJRapeg8aI2VCbYqz5Kk-jS4JRk_PiritoH92mvY0mGGb-MU-5uejnj9cOHsrdtYT2SD44H8G0tFW7XgbW0y6j_ilDy8qirPfo-1VW4r_NmnNGCvnSOS7doAGvkZLgDDECZ3P4_vAZOPlpIDbfp8XWnU6iaDNPc-wbUnGjSqu2m1bdg9HBcIq9nFTeAEteolDogzA19CSFg8uY1Acv1H2puqs9iq3in4rPw0uGIeQI7cQp99XUNg3o96n6zYPAKKOFfics8npXkWdBAOVndy63tHB48hS5adYI3_1UXgAAyNDYp5P08wJjBORhYz46jMP_L1CDnWLlF_5erFxSorOvHZmkA0uUlqNGq4cSoYpQJWLmsNxWclJsoMGXx1g0nKyBmJqEhphvhFCQT40wM8rIMkLYnwIq-ujajzwEQDe7uKXzQ-Fc_o4kVD4prcFex8mZGloUs-dnjc9gNJWCbftc7JCdRSqpbjABFlxRutXQAFKf0tZ6muIKOXel84Yl-aez0cV60xHPFvgP6aqkSfBRQgzKUQKAoLWNPTVI8Q5v8vqHA9DiO9mpaWTCORnqSgRMH7Sv1f6b779sM30Z2YN83d-EkKqWZaC06fXrcUrNLDslFCkpiLGk4chuiEfsmH1fPmq67lDZiYUhye92H3B2tP0R7ucHh99WjJOPY2fVTuLQ1vunSlt891lhjo1V_fzo1mlcM_ypO75D6qcHT7D9H6qZhWXasK87sNfqA3mwG0K2UX3opH-dq1vkdOK8wtHoOYnjKNc3mqr7e5ds7H4nR3ibx_XnWs9SMC1Fl0zH9ulcip7_XhPs8-slwRpQBFZWAGpXQmeFsicXNhN6F7XqvF4P3_BWgz92SMcUMdXxwQOK9xih2cxBgmDV-Vk8-wE-IpnZB7aacPi6p2qoUfhwPbw8IUWLF_o2B1w3r6TRN1wfVX2Q56kqVzQz7MKnf3GBEwhK4jOTRNAs3Xlwk8WtxcwnEIVhuyr9JDChnS8ODxYcvu4Guu0r3ixdz8xm6GnI6b0KBpy_2ZQTXA11F4lMPRduNisbECnjo-o8hpThHaU3RflrhKTmziQpZqeNudaSAF1PxIHQrg05woF7JNsIWkgFihfAYj85YGofz3uAWWDNeKGxrHCjTGr-xu9d9e9bgkpJrMnYYUj_hPATM2ye0xYMfXB9G0UyRAFOlM_OjAnfyMAkqsw_4XM0cduCFJsLYWm4frACjQ6MswQbFZjzdu9hUdGTm0ezxEMfqxnInWZG_J53yJaZEGVJvsS6D4pLNXU9rRYbu9R9rUqS-U8VNLQAYzmiEEpI9cIAg2_6j3M9kGab-_81rP4MVgZZKDOs0A3CE14XsH5go_aW2JONz7WU-t8oFvlLUvH1ILwwmYD7KrRt9-fx2An9ZeE9vpG4pCpmYtJ4zOpVYjRa7YrLbl7LgE3Eqf0HH1VyO6Zvuu4lZ5bGS677aMl4donEZHMFWkxpqroXe5ccbgRIsi80pwgaY7hBJQGKnVcwMFlfZHQuILrvcoXf6ZbjlZ4ESCZeNrsRR66hPaqUwwipPYaCoLsjixfSnp6Mcb9ufwMKGcIpgldt7kfRV_bSAL5MqEGU4Jno5otGfnK74I5xRC24l47gp-AiubBPPWpFALjFTqBsbB-Fl8Pjl95RrnBK7-jtxGoBzDk3BGa2du-O5xaRLbB2G-rYWQ07kuWUuDvBYGcaxe49fSbktC7Wol0FpR4dD6HKEBM6tu7oQEZ47-MRJJoq41qyjll2GWc19YIV-ElvbcfIj0z0nNqDBSKzk_LD10O5ZeluBeGlpk_P7-MklIUxQPd3Dx_TwbOB8GTYe5G-mXTqrBq1LQzEWICFOZYS_qF5LWPhjhH2mTiFV-dw-pJsi5KohGxHNYyswBOoltnGcixXZwUt_YY094BnIaVMsbANVEqMFBC2EuQMJ0sPq526ZUZDFz8rww5W8wd0WI-8TJkGW00IQOzhouKcaw-LjH86lu5VWd1F_uBrDnCB4pQ1tOA25erXGztttvTYbPTUJ5LKxc-qWUQZ0oOdADY1smAxvIo6oonoRlFfvZTo0admnojwWVC7CeGvNBvSj1IpGqU41YzYZLvaZ6O5IHZBvcsfX3Tk1OM8iWSLxunrKQi-0FpYdRb30ge3tk2_8OjjEyDrYtXcDrMKXZrPxvYxgke0CJf-QzbqfdCZsqMi4bOhHEWhRwNm8aju-6nkl0_gKesQxUsoxM-M-Gz__GEumtR2BOddiab2PWTKFrQYpppEsXoEgMXLPOlAtyugkcMqbrB_N5XFnUd49866bIZUr4xtrWwrgCm3U9Uq4WHcupsnGNJkNRukbXCLsg-vDr-1kqpEnsRzZps7jj2gqxy4Nl19kv-e5HqpwYpc2HQiCHLssmBJaxcRBRgEEswAEmgRmXlGKnxha_Br0PcMnWjuuogrYRP0v_kI3We34M1gyUd1JMMJfH_4MaosDWmWCUvGN3uNORvNcbm-eijCa2jcqctPu2ofA&cid=CAASKORoGgvJ8EB1ieFjTAcVusZ4D9coK1B91uFefW7pbgGby72sROrQPLE&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 22A7 30 KB
12 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:20:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EED9 41 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 33F4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

62ms
62ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 16:21:12 GMT
expires: Mon, 15 Aug 2022 16:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A71B 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
DATA 200
OK truncated
/ Frame A71B 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d8dead7ca9ab7e2cd512571abe3159ac5c312e9f3c9cc10fcf604e68c924087

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame B1E6 6 KB
2 KB 114ms
38ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 108648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2318
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 10:10:24 GMT
expires: Mon, 14 Aug 2023 10:10:24 GMT
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EED9 0
622 B 181ms
85ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstctLeTp1ll2xxVsyaihtuT6B6mNF0WIB22ntTfdivQo-tELwGVrjMIoNWokOw9Arx84Azn80JjGLiTpIekTvlU8kae-Won0CGyOnJ-JNCBXaAD1veO3uvCHSFxPugsmpO-_9Ea-ltksct6MFIqd6eoMNsVRDA-MAtSGaxSoVwFVvtOPCBLdFKXgFkCGPs2ATLeYwA4KRkBXoy7fEisRdSIilgLCsicI6vO7ucffR1r166Nrvh7KNDzUm6GC-GBhYRXE-pNBbtIuHvCciR4TyovEV6rWid99VqDm8t3uRFeeiiDWZ2BZYPjS2Uc3FZMxbLjKpXtEJbDRxyRFVmFk7AUJ2xavjvapaph3mnfXZvz7hWlV_26AwUuYVAFOiBEEuxhbrb2SvvgMoF0wuEjiBRNdKJtVKrvYGfJ_bGFw_atslt1S12li5FMjwFpr57UTvtUOz40nGY_CyiTCHrdLPujtgIJ3dOd6UC2uyGwc1mdH6YeFsWNbCfvTQqa0lGfBbTtRuNLk4E0EKGdliOk47dx6QBFv63IDVlkEJFI2MBi3c8NaHpm2MkTItjbc_Kr9HzLhoL9Ovc63kCtQr4IIVYhPO5GmSgMNXR34BeEO0LXFl7xATegHdJbM4ieZk1ftP65Sr9iNOSRbXeMUc10L4CjCsBEdVebXyFil6TSvlfbc3OXldTqndyw33H48blU6Vkz2bPX4QoWpeHEDV7qk5wpLuTYs_nP5_PvnKX8_puz1ZX1cmhhO6VFhdXXYXFEanFjy25rsBKiX3-amx2QuaW8BnvdWdKL7-1U09M2TZ5vFCfTUtE59-9VQnywKDwTdDLV2KidMxsge5HJ6_11vT_jENJXxhQIG0zZ-ig16j-_WfDQlG-k4qoI39d9gb7cGOne4wp0nyG_r4JA69ZH-BNEEnrXSE-yfh7W0T58ZtbbJrP1fhEdye3AM5La4Ou7NEeDBE-hjIkrB37IB7kGOWs7P-hMxQLVsU5ljAzAGIGmMnaX0sQ4erKixOB_iluDXrX9cHU9_IZAXrNHaPVGMKKUgTi7J4E5fbaFLFXbJK4FSdL1pb37BlQeWLp9Uwc60YG5m023LEsn5OTy8UOsFck6KsJkGJTOGGmxvXzOnD6K_lTRn1_9UDm1T6BApSOucOGFUXs99dLeWOeIpnBz3NzWkvx_dVjxgNxHq_bDpCGuJSGSxEuo6zbozajMTXZNw0BNPCif8IXh_uqLCh5ooq5qZteCokhKGGMMau7Foq09gW1RBS5PiJe3TX78-kzCttFriEfDxEEWfSqDyXDIZR83x0SXWcNVkNYw5fo4Fw&sai=AMfl-YSm1IhMcYNhH9we2wUfOhognVSF-8CASFd83L-xgg8ymLFS2N_HL8GMcJTVRkMK949-H1I-YlJaqxc7xIcj0j1PG7jYuw4O01S6tgj0Dwd_7Cpo4sc5Rn-Mcj6HDbtmjYdbJfJrGy5b48XeOnYFvHhzm-ok0-Fo6_5r6S2U6ZJ7X11VKuV59qgH5Fl9-36iF8sRzDBiE7MUMKjQ6bEIROSj3yRCFOY&sig=Cg0ArKJSzNawvYyROd8mEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=258&cisv=r20220810.14525&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 16:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 990D 0
12 B 37ms
37ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ytX5JQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0CB7 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 342126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E554 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 342126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 99 KB
9 KB 85ms
47ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338cc71e3573fc434aa46c637c9d7b2706e57ee1b893417aebc91308b0254f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:12 GMT
expires: Tue, 15 Aug 2023 16:21:12 GMT
last-modified: Tue, 17 May 2022 15:50:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A71B 0
64 B 141ms
85ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusBSZKi5ewmQnIwClYs0Hiry6xrsJAKj4jz7oj73AtFd0nh3kl8mdhfbDRIVCcfI8zUv8Mjpj_27t-4XkA-_Pdcykuz4Ol_51RFGLnNueJUgkdf2uuMMICYH_3jMaf0bgsY4oDSeXpHiA2-QocNqqbBWoAUH8KKrTiZ59EgwnJctB_UXy-HTYhv2kczsVY9Y9lKvDiBzdjqwsawf4AdP-69gOQa1CS9dz4bDX_gclV8tQ5FFz3MOUAnF85u2X4xR5j6Cmy44x9sUebVSAc1jmegrhX3YQc55JCiBnbW_bkpEgBeN_WUm76u8kizoF2ABkSKVm9Drh1PIP3MnBCZDuIEwst8EazuBPLt8WtNU892Xs4dZAKsZ3M7GHpIUnU4Jgalp6a-cspHfNRMHw-i4jRL8uz5EEzb_l9Fo2sbad2Dj8sZFJNtdnasDfzxOKMjyNv1UQNXNHgYEoTC2AA6PpViUeqNrysinCjGPJL1KiuizJZNi6IXhKE7qVRo9i_2nV_AXKzo0gG9DWpSnpnMh0jiV6CVAkTBd0M6j6NdN48qH6Ic91MAeRvF5laUnUELX3qN5jVC60Fx3mBILX5c2fJ_H3mNT1_46TKxsMUVmcw1Ebz4z5dPF0I0C6YWxhSwhYAG0BEgdL2-Dg_MFa9-WVwFXU53R9TDRzAQV29rSoBc-HbUXMtK-h0wOz2v0ZU9sHtIBPntrb2fze7Q615sCRYAX7LeE6XbjSxjCc81GQPMZeQBgQu-AyWcFXfUKEJQ603ehr280nR2CTH_LpXQlvEsBeJNnbFI9ZZ-9PR2xk8DziKrjVdTLcxZcKE39aVhnEbkcAQxw2WyTY8EyJMnlIUmL5LhA-21fobfJOWabhKQFqyTZq8XYoSJz9eWI5fuh_p5K_EjEF1QgdzAToDBxfpLg8ZfdL1-DFwiZFKHw8eClR7e-tiea7viiHscBD3_a13zUELlipxd1yjWfJ0QD70SvqmZ-Xs6TUbIWcuItMuxnlp0p1p7reOqMCzxRVFK1AJTKbtJp6d51k-z8JEmtINo7fnjQyq4qf8pbssfM4IH4QJyGbDHuMhi_qpbUOEkMSk6GKK1OXdWQciWz8xMuWUDvWUjijg2PhwPXS9DbIFNGi5hT8BuXgCBz03tOA-L3MA84g4URAbqmq2FWx3FckA6fwbaXWZfUnfcijXgKt89-y3-kviHw&sai=AMfl-YSjfOoUE68jfq0akW8mqgw8jD7T0aDE3vEJY_OB6vb12eG-8UXkgxR55FrjR0MSUiezIQ7juCU1vVa-68Z0XUyrOyPvzJ_0iOneeB8ywr0P_RiKJTLoKYyOu4cWSqwPqwY2fcYuORP91vzEiAz2SCLtgBKM2D8D4lVnSSpiM0m96P4yAOZmoABLykXRRvmvX6WRbiVBuMPNPizg5SD35CTp7MoOEN8&sig=Cg0ArKJSzCcXgFv5N4PxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&cbvp=1&cstd=261&cisv=r20220810.56788&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 16:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 22A7 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
DATA 200
OK truncated
/ Frame 22A7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e05f59424cc1448509671ba2990ea2f6e73ffdeefeaa9c5a2b1933ca14892a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 4 KB
1 KB 48ms
48ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03ccb28d3c0800ef0361cde499af29fe99b708827459f52f99eb4c85079ca308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1141
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:12 GMT
expires: Tue, 15 Aug 2023 16:21:12 GMT
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22A7 0
64 B 84ms
84ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulyJWcFnDgKXU547KOU5W3QS-PKd8sOU5xQXC1YZUk8WzzKo8co38ESVnT8Mit4F9q_DwZm0nPq7TdVe6QrB9t4F77hFNW53atXtzRjlkG7IIYOoXl8ZooOq9zddhfJ1_9kCTzeiRTGM3SsVkJxxiyS6ls6x_SabxeiN5v9XaWuH6Oc1dQBnbeEQEdBVezVQWNM_tnLf8Ox7w0Ll-0n03tIjyZ-qCkqlPVer5N-W-FNyIPz26XIvqQ1Lc94Ejb2SgnstHHNqb284W_loEMB4pvHE24VeyKWc0UmqhU9swNYYvUdJgHeIyMDLB3UpBfO18fHPQosNcIMWnH79KMAQTvG9HV1-Sxh8z6XK-S6nOM_kLTTLQO7MdUNlDzTEHs1-Q64oaKsP7H23sHXClgTJBTRYq4MSbKW3PjQcfn74DpDraXq14FMmUjd0xrwTxbtIiwOCl67C-0sJfrBQp_KkpGatKjUA_JQN9hA6rNdnr4APTTPQ0CZc-gce4xz4e53kSjRW3yv6f4nRdmMpn-keqoeuyV3B_jbbeXAZHWR9LC2FP0imtlsiYWwFF1mw8AE3WAL3FWV6PWoHnW01loASupvsYIgLcfAN2kuWxqfSZBNrtMkdgVG2THS9j1CPXyc6-aGGKFRVSGin5y9kkuzkk-VjOnsYbv6vw_FSkkgTaf-_mt-rcoWpSHRptP3uTq4zhinBXZ02UWH0kegCQx3FeaRTdehLsRhPJw0-PySXFmn89Ar0qpFHOi2hNFghh0l_4Uca3lh_W_oN62fInLua_faEnX1ayQd4R2lL2zuzDntxX8GjmxdWR_Ki-7eqOKp2B0_H1qCuJSesqP3No2zob-OPQzOWz2_vT6QmHX4QHAtLecGSR-90MP95Q6VpPrTANCLr8MDVpi_jeU7j7k9lOj66X8mTsGkh6ZwaNkhtHnur53y2fTrACq0CJXN77L1_bmmdax4IkwOUVA3oec4VLks27_iHhAm_g_C_jiFA6TiFEOZ1Qxe1NRkPOhcaoysa9EOrXA18iI7khlzx3_cVV-d0b6XEj72Au3EW8dVszGgKMhSTyXPFqzOKaWf2nhIdisd402rf42eiV5Y7RP4TPd5_ebnUm3VIFR1ObA24EQ3Tk68FZ989uNuSc9ReV10X9cw9-HkOvlwk_qKpe7s_Hytzufkjw7rUeEcMushehZUGBj9vgEvE-uh6qaH1mVyv7jeIkTP3L04A&sai=AMfl-YRHSWayM_z482oMGxHac6iGgOOr6MxeK12Ncu8ncsu3qfFvtjml1akBAHWI4T7bkaCFEAdyOlJqmxBP4nSXEm-l3wXIGoS9gkqUA3oQSIqkEOPOpoR-dz35R31tDbI9nepAEI-ygbF8JzD9yg7Gd3yODM83Nm-llyTWGtvush4PuFSzxt2uuJXghMgCY9JGcKzeqeuRyf5S-MhOzg_ZILmsWu3W7-2HYA&sig=Cg0ArKJSzOlLVfrunGo8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=194&cisv=r20220810.31915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 16:21:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8DE9 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 342126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CB7 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame E554 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B1E6 236 KB
63 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame B1E6 23 KB
4 KB 39ms
38ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4226
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:47 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 55 B
103 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 731 B
263 B 50ms
46ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 24 B
72 B 49ms
45ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 281 B
187 B 47ms
44ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 08:46:15 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 26 B
74 B 50ms
47ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 157 B
144 B 48ms
45ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0304 6 KB
823 B 52ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:regular|Open+Sans:regular|Playfair+Display+SC:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d245c20017c8ded328ee520b0253ce7d2d1743fcf1ef8dc65fed31b89d4cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:47:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 16:21:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 400 B
313 B 92ms
89ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 10:05:08 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 20 KB
6 KB 85ms
82ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519620
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6276
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:52 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 3 KB
1 KB 89ms
86ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1308
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 8 KB
3 KB 62ms
60ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3191
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 0304 118 KB
40 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 21:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 21:45:39 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 13 KB
4 KB 79ms
77ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4481
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 5 KB
2 KB 75ms
72ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 21:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2014
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 21:21:02 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 1 KB
626 B 84ms
81ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 7 KB
3 KB 78ms
76ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2823
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 3 KB
1 KB 71ms
69ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 5 KB
1 KB 71ms
68ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97cdf067606c37c831a54b3ffc71cafb94ff1f4db84a1ba620b2e9e43cc1084d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 08:48:03 GMT

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 3 KB
1 KB 78ms
75ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1293
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 5 KB
2 KB 75ms
72ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2351
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 09:15:40 GMT

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/4967240334341465534/ Frame 0304 23 KB
9 KB 63ms
61ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4967240334341465534/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9229
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:50:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 16:00:15 GMT

GET
H3 200 hp_styles.css
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 3 KB
851 B 38ms
38ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3067a5f035930a60c9390a74974bdcf78dd1c835a101d6567c92c6bf5e41ae52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 822
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:51:23 GMT

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A4DE 113 KB
39 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 16:21:12 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A4DE 118 KB
40 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:51:00 GMT

GET
H3 200 hp_main.js Show response
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 5 KB
990 B 78ms
78ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/hp_main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4aa019a1b6db6a8fffde9f05f2579e459201f7c0e18bd4a72dfa4dc1561b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/index.html?e=69&leftOffset=0&topOffset=0&c=Ec9jvVE5dT&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 19:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 951
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Aug 2023 19:25:23 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DE9 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H3 200 NoeDisplay-Bold.woff2
s0.2mdn.net/creatives/assets/4519006/ Frame 0304 23 KB
23 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4519006/NoeDisplay-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

252af27dff2d714fae7aae5783d33fb6a2f5089bd387717569317188c63c2a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:16:30 GMT
x-content-type-options: nosniff
age: 282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23068
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 13:58:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 16:31:30 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0304 16 KB
16 KB 120ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular|Open+Sans:regular|Playfair+Display+SC:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 19:06:05 GMT
x-content-type-options: nosniff
age: 594907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 19:06:05 GMT

GET
H3 200 bgrd.jpg
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 9 KB
9 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bgrd.jpg

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:08:04 GMT
x-content-type-options: nosniff
age: 101588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8938
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 12:08:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EED9 0
26 B 152ms
75ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstctLeTp1ll2xxVsyaihtuT6B6mNF0WIB22ntTfdivQo-tELwGVrjMIoNWokOw9Arx84Azn80JjGLiTpIekTvlU8kae-Won0CGyOnJ-JNCBXaAD1veO3uvCHSFxPugsmpO-_9Ea-ltksct6MFIqd6eoMNsVRDA-MAtSGaxSoVwFVvtOPCBLdFKXgFkCGPs2ATLeYwA4KRkBXoy7fEisRdSIilgLCsicI6vO7ucffR1r166Nrvh7KNDzUm6GC-GBhYRXE-pNBbtIuHvCciR4TyovEV6rWid99VqDm8t3uRFeeiiDWZ2BZYPjS2Uc3FZMxbLjKpXtEJbDRxyRFVmFk7AUJ2xavjvapaph3mnfXZvz7hWlV_26AwUuYVAFOiBEEuxhbrb2SvvgMoF0wuEjiBRNdKJtVKrvYGfJ_bGFw_atslt1S12li5FMjwFpr57UTvtUOz40nGY_CyiTCHrdLPujtgIJ3dOd6UC2uyGwc1mdH6YeFsWNbCfvTQqa0lGfBbTtRuNLk4E0EKGdliOk47dx6QBFv63IDVlkEJFI2MBi3c8NaHpm2MkTItjbc_Kr9HzLhoL9Ovc63kCtQr4IIVYhPO5GmSgMNXR34BeEO0LXFl7xATegHdJbM4ieZk1ftP65Sr9iNOSRbXeMUc10L4CjCsBEdVebXyFil6TSvlfbc3OXldTqndyw33H48blU6Vkz2bPX4QoWpeHEDV7qk5wpLuTYs_nP5_PvnKX8_puz1ZX1cmhhO6VFhdXXYXFEanFjy25rsBKiX3-amx2QuaW8BnvdWdKL7-1U09M2TZ5vFCfTUtE59-9VQnywKDwTdDLV2KidMxsge5HJ6_11vT_jENJXxhQIG0zZ-ig16j-_WfDQlG-k4qoI39d9gb7cGOne4wp0nyG_r4JA69ZH-BNEEnrXSE-yfh7W0T58ZtbbJrP1fhEdye3AM5La4Ou7NEeDBE-hjIkrB37IB7kGOWs7P-hMxQLVsU5ljAzAGIGmMnaX0sQ4erKixOB_iluDXrX9cHU9_IZAXrNHaPVGMKKUgTi7J4E5fbaFLFXbJK4FSdL1pb37BlQeWLp9Uwc60YG5m023LEsn5OTy8UOsFck6KsJkGJTOGGmxvXzOnD6K_lTRn1_9UDm1T6BApSOucOGFUXs99dLeWOeIpnBz3NzWkvx_dVjxgNxHq_bDpCGuJSGSxEuo6zbozajMTXZNw0BNPCif8IXh_uqLCh5ooq5qZteCokhKGGMMau7Foq09gW1RBS5PiJe3TX78-kzCttFriEfDxEEWfSqDyXDIZR83x0SXWcNVkNYw5fo4Fw&sai=AMfl-YSm1IhMcYNhH9we2wUfOhognVSF-8CASFd83L-xgg8ymLFS2N_HL8GMcJTVRkMK949-H1I-YlJaqxc7xIcj0j1PG7jYuw4O01S6tgj0Dwd_7Cpo4sc5Rn-Mcj6HDbtmjYdbJfJrGy5b48XeOnYFvHhzm-ok0-Fo6_5r6S2U6ZJ7X11VKuV59qgH5Fl9-36iF8sRzDBiE7MUMKjQ6bEIROSj3yRCFOY&sig=Cg0ArKJSzNawvYyROd8mEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=625&vt=11&dtpt=364&dett=3&cstd=258&cisv=r20220810.14525&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22A7 0
26 B 129ms
74ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulyJWcFnDgKXU547KOU5W3QS-PKd8sOU5xQXC1YZUk8WzzKo8co38ESVnT8Mit4F9q_DwZm0nPq7TdVe6QrB9t4F77hFNW53atXtzRjlkG7IIYOoXl8ZooOq9zddhfJ1_9kCTzeiRTGM3SsVkJxxiyS6ls6x_SabxeiN5v9XaWuH6Oc1dQBnbeEQEdBVezVQWNM_tnLf8Ox7w0Ll-0n03tIjyZ-qCkqlPVer5N-W-FNyIPz26XIvqQ1Lc94Ejb2SgnstHHNqb284W_loEMB4pvHE24VeyKWc0UmqhU9swNYYvUdJgHeIyMDLB3UpBfO18fHPQosNcIMWnH79KMAQTvG9HV1-Sxh8z6XK-S6nOM_kLTTLQO7MdUNlDzTEHs1-Q64oaKsP7H23sHXClgTJBTRYq4MSbKW3PjQcfn74DpDraXq14FMmUjd0xrwTxbtIiwOCl67C-0sJfrBQp_KkpGatKjUA_JQN9hA6rNdnr4APTTPQ0CZc-gce4xz4e53kSjRW3yv6f4nRdmMpn-keqoeuyV3B_jbbeXAZHWR9LC2FP0imtlsiYWwFF1mw8AE3WAL3FWV6PWoHnW01loASupvsYIgLcfAN2kuWxqfSZBNrtMkdgVG2THS9j1CPXyc6-aGGKFRVSGin5y9kkuzkk-VjOnsYbv6vw_FSkkgTaf-_mt-rcoWpSHRptP3uTq4zhinBXZ02UWH0kegCQx3FeaRTdehLsRhPJw0-PySXFmn89Ar0qpFHOi2hNFghh0l_4Uca3lh_W_oN62fInLua_faEnX1ayQd4R2lL2zuzDntxX8GjmxdWR_Ki-7eqOKp2B0_H1qCuJSesqP3No2zob-OPQzOWz2_vT6QmHX4QHAtLecGSR-90MP95Q6VpPrTANCLr8MDVpi_jeU7j7k9lOj66X8mTsGkh6ZwaNkhtHnur53y2fTrACq0CJXN77L1_bmmdax4IkwOUVA3oec4VLks27_iHhAm_g_C_jiFA6TiFEOZ1Qxe1NRkPOhcaoysa9EOrXA18iI7khlzx3_cVV-d0b6XEj72Au3EW8dVszGgKMhSTyXPFqzOKaWf2nhIdisd402rf42eiV5Y7RP4TPd5_ebnUm3VIFR1ObA24EQ3Tk68FZ989uNuSc9ReV10X9cw9-HkOvlwk_qKpe7s_Hytzufkjw7rUeEcMushehZUGBj9vgEvE-uh6qaH1mVyv7jeIkTP3L04A&sai=AMfl-YRHSWayM_z482oMGxHac6iGgOOr6MxeK12Ncu8ncsu3qfFvtjml1akBAHWI4T7bkaCFEAdyOlJqmxBP4nSXEm-l3wXIGoS9gkqUA3oQSIqkEOPOpoR-dz35R31tDbI9nepAEI-ygbF8JzD9yg7Gd3yODM83Nm-llyTWGtvush4PuFSzxt2uuJXghMgCY9JGcKzeqeuRyf5S-MhOzg_ZILmsWu3W7-2HYA&sig=Cg0ArKJSzOlLVfrunGo8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=480&vt=11&dtpt=283&dett=3&cstd=194&cisv=r20220810.31915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 btn.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 1 KB
1 KB 37ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/btn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1420
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A4DE 7 KB
5 KB 159ms
81ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02f5c978a7e0da6d667b79c9d7b76b653a384e9956cc73e05a72e0a512b87695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A71B 0
26 B 76ms
76ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusBSZKi5ewmQnIwClYs0Hiry6xrsJAKj4jz7oj73AtFd0nh3kl8mdhfbDRIVCcfI8zUv8Mjpj_27t-4XkA-_Pdcykuz4Ol_51RFGLnNueJUgkdf2uuMMICYH_3jMaf0bgsY4oDSeXpHiA2-QocNqqbBWoAUH8KKrTiZ59EgwnJctB_UXy-HTYhv2kczsVY9Y9lKvDiBzdjqwsawf4AdP-69gOQa1CS9dz4bDX_gclV8tQ5FFz3MOUAnF85u2X4xR5j6Cmy44x9sUebVSAc1jmegrhX3YQc55JCiBnbW_bkpEgBeN_WUm76u8kizoF2ABkSKVm9Drh1PIP3MnBCZDuIEwst8EazuBPLt8WtNU892Xs4dZAKsZ3M7GHpIUnU4Jgalp6a-cspHfNRMHw-i4jRL8uz5EEzb_l9Fo2sbad2Dj8sZFJNtdnasDfzxOKMjyNv1UQNXNHgYEoTC2AA6PpViUeqNrysinCjGPJL1KiuizJZNi6IXhKE7qVRo9i_2nV_AXKzo0gG9DWpSnpnMh0jiV6CVAkTBd0M6j6NdN48qH6Ic91MAeRvF5laUnUELX3qN5jVC60Fx3mBILX5c2fJ_H3mNT1_46TKxsMUVmcw1Ebz4z5dPF0I0C6YWxhSwhYAG0BEgdL2-Dg_MFa9-WVwFXU53R9TDRzAQV29rSoBc-HbUXMtK-h0wOz2v0ZU9sHtIBPntrb2fze7Q615sCRYAX7LeE6XbjSxjCc81GQPMZeQBgQu-AyWcFXfUKEJQ603ehr280nR2CTH_LpXQlvEsBeJNnbFI9ZZ-9PR2xk8DziKrjVdTLcxZcKE39aVhnEbkcAQxw2WyTY8EyJMnlIUmL5LhA-21fobfJOWabhKQFqyTZq8XYoSJz9eWI5fuh_p5K_EjEF1QgdzAToDBxfpLg8ZfdL1-DFwiZFKHw8eClR7e-tiea7viiHscBD3_a13zUELlipxd1yjWfJ0QD70SvqmZ-Xs6TUbIWcuItMuxnlp0p1p7reOqMCzxRVFK1AJTKbtJp6d51k-z8JEmtINo7fnjQyq4qf8pbssfM4IH4QJyGbDHuMhi_qpbUOEkMSk6GKK1OXdWQciWz8xMuWUDvWUjijg2PhwPXS9DbIFNGi5hT8BuXgCBz03tOA-L3MA84g4URAbqmq2FWx3FckA6fwbaXWZfUnfcijXgKt89-y3-kviHw&sai=AMfl-YSjfOoUE68jfq0akW8mqgw8jD7T0aDE3vEJY_OB6vb12eG-8UXkgxR55FrjR0MSUiezIQ7juCU1vVa-68Z0XUyrOyPvzJ_0iOneeB8ywr0P_RiKJTLoKYyOu4cWSqwPqwY2fcYuORP91vzEiAz2SCLtgBKM2D8D4lVnSSpiM0m96P4yAOZmoABLykXRRvmvX6WRbiVBuMPNPizg5SD35CTp7MoOEN8&sig=Cg0ArKJSzCcXgFv5N4PxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=702&vt=11&dtpt=435&dett=3&cstd=261&cisv=r20220810.56788&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0304 7 KB
5 KB 125ms
81ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebbdaa5cf7d6df17795466e4604fea9bbed1b49554bc4d61c1148aa642401709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5557
x-xss-protection: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 76ms
76ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=71853930328

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
522 B 42ms
42ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: d8760ebdf191f44b2bc457e92eb0c64ad3d7faff612d28c8dd8cc8b6b3f5f356

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 16:21:13 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kooora4lives.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 15 Aug 2022 16:21:13 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 38ms
38ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://kooora4lives.net
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST /
prebid.smilewanted.com/ 0
0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 72ms
72ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=93817041508

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 43ms
43ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 15 Aug 2022 16:21:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 344 B
801 B 73ms
73ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=10&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580472950-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=6d327a16-b9a3-4b21-a960-e3456d258c6c&l_pb_bid_id=439282a3b36c147b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580472950-0&slots=1&rand=0.7966842229692159
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 84f5d11028dfcd578417da4a0b68a2ef017244a90808ba2ce1813aa7bfb9b8bb

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:13 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 344
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 343 B
800 B 115ms
115ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580472950-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=6d327a16-b9a3-4b21-a960-e3456d258c6c&l_pb_bid_id=441e9dfbadeff97a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580472950-0&slots=1&rand=0.3501438361045919
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 513f26c4e3c3fd447d3487df6ce1fe20660ca62fe2ba749c5fe4b37e01de41ab

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:13 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 343
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
44 B 43ms
42ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Mon, 15 Aug 2022 16:21:12 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://kooora4lives.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 23 KB
13 KB 223ms
223ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c4f928994f8763e24518c0f307e0fb7bed5f37e14e73943414b0d5757bf14a47

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 16:21:13 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 62b72f8c-d925-4e96-b41e-d5771046d77d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 KB
12 KB 186ms
186ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9e8301f281e0259b178e64dfcf981c041cd8f83b0eb25edbd75273b5018b1e2b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 16:21:13 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e5b08c9c-3792-461f-9155-83b5b4b64c73
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
536 B 38ms
38ms XHR
application/json 35.156.35.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.1-c&referrer=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tmax=2000&gdpr=false

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-35-28.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
accept-ch: sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status: 7, 7
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 46ms
46ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 15 Aug 2022 16:21:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 248ms
247ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

23d1982d4b8ed7ce0568101acd999bd88a928ea955ab45dfd63717172b3b2b4c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:13 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 01485a94-ba95-4be6-ba2b-7aabe9414096
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kooora4lives.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adipololtd-d.openx.net/w/1.0/ 173 B
187 B 65ms
65ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6d327a16-b9a3-4b21-a960-e3456d258c6c&nocache=1660580473057&gdpr=0&pubcid=2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea&schain=1.0%2C1!adipolo.com%2C620a5acab6e80f22ac327b74%2C1%2C%2C%2C&aus=300x600&divids=div-gpt-ad-1660580472950-0&aucs=%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fdynamic%252Fkoora4live%2523div-gpt-ad-1660580472950-0&auid=556544515
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f2625e678cc223810d1a7f1f80c7dacddffc75b97b384f17d8851f14084c0b0e

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kooora4lives.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 23720825_20220520013528796_300x250_Sello_SPA.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 11 KB
11 KB 39ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013528796_300x250_Sello_SPA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ba8cb65f35489fc6d6c2aea04344fe107f3dfda6541f112ab05db5ea939a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:00:02 GMT
x-content-type-options: nosniff
age: 4871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:35:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:00:02 GMT

GET
H3 200 23720825_20220511060324724_CANCEL-DE-300x250.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 9 KB
9 KB 41ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511060324724_CANCEL-DE-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c03953fc13eb8db32714771621a082908c0944fc8bd3dca7ab0dc7734f10bd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:17:51 GMT
x-content-type-options: nosniff
age: 202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
last-modified: Wed, 11 May 2022 13:03:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 16:17:51 GMT

GET
H3 200 23720825_20211125045126622_300x250_Logo.svg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 28 KB
8 KB 42ms
40ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211125045126622_300x250_Logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1f6139cd11db9f41ef24575cd59d3f14cbd1c239ce23aa887ef1ad8b3756ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8077
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 10:37:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:47:59 GMT

GET
H3 200 23720825_20211124073950898_300x250_Pastilla.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 85 KB
86 KB 49ms
48ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211124073950898_300x250_Pastilla.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6b3b484d4e929920d22052e680577b181eec29fb6dc2aef0c14dd2893d55ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:47:41 GMT
x-content-type-options: nosniff
age: 2012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87545
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 15:39:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:47:41 GMT

GET
H3 200 23720825_20220520013917193_300x250_Parejas.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 67 KB
68 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013917193_300x250_Parejas.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d96da7a2ff4125250016ce45e9c7681efb880de8491352e46a7062f86f5c41cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:00:02 GMT
x-content-type-options: nosniff
age: 4871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69091
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:39:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:00:02 GMT

GET
H3 200 23720825_20220511050543557_BAL300x250.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 66 KB
66 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511050543557_BAL300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81976775fecf2752aa0b89d19da6a7d0c318f2db7894a7202f60cf50bdab31e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 17:16:00 GMT
x-content-type-options: nosniff
age: 83113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67266
x-xss-protection: 0
last-modified: Wed, 11 May 2022 12:05:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 17:16:00 GMT

GET
H3 200 bubble.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 11 KB
11 KB 46ms
45ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bubble.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11555
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CB7 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B58Z0eHL6YsvNBtXk7_UPvM2OkA0AAAAAOAHgBAI&bg=!xsWlxYHNAAa4hXTbmIU7ACkAdvg8Wkf4tYKpDwdDTBcLI8jPmPhXIvz-VLVmQaTYPZbJ3hNJTaQfRwIAAAFHUgAAAARoAQeZA4aMAUdk9qjO5WS8mft-QngZqgs8C3Y41m81tLZfiOxHrBchWWizVNvECUeu9OMmZJXYSKQpdjzMmaP-goPJiYfUrjAu_sxq8tsI3ndPEDghgPgdDJFOvma4KtSCVj_40ydMCl8PtmRA__CK4fbOC4KweZXaYRegKwU5rsHrJ7Zkjy1EdrH0OLFo6GnE0alyIaMmy81X8pB6h6pgRTfxItaqcQCHDodrrisUytfsdBbLeKdKMl43jUW8yL4OParjrrJCSA1U9cbK3ifhd9NwlT1unHasPtC2BEq669m32pyawB_DJKjQ4QxE-V0MhDZ8wEJBqXHhH1VE58SMr1_W63OQKD7YIQ0oqeZKsQ_NE0K8LgK3DFT5ofRzphgI6l_shoLW1iEwkQFbBU_mnNfrZVS30-AyNFMkM484V8LImkioRjHFJMEFbrlPVjoc5vohwgx5gera71f53ARj5tcSa_0MEwfY16E37s3mnECaBfd-77dhfdkqUhMKa5K4FoSRU6HjUGC6DdJCFslOilb1YyH2hA3qDG7aCO6mIIXwp804B6dDxKcEDZ3bd3j4474heEh13zSCRJWxWSi4Rj-ahQWYhOxVZHGl5U3--pjkTZka8oj1HPjc6_W50KQj_ktlZ0RcY8V8LfRU3jL40dztGjM4X6xBrTW8NN8lr4TSfOwQ6gHdn7MnXIuF9o-Ry0H0Dxv_j_6TbxZ_YSslN-Na_fLpr2wlUS86A8rKW58ylL37q4aIZdykj0daxRr9gkmuHAoSWnd2sy2o4ESLTbQbJ34U0qn5bGeag-9kbo9RkJKcMYQF57499j8sWcp7V61ttubhVhpHXTma3pWx7QNvFjgHCWD3LoldD2zEqm_9ZczO5Y1Ik0Aw5KUWBDFXFHfBGSt8QhC6_EL3_1JV4dRbiDEHIPMcXG275sF7Q6k4aYuQS3ym0tCGAkr5lqmw3fmtFWcqTh6OuYxsbgBhvTVEQI6b6W_ep2JKa64rCGdUtLxiMSUuBnZw6qwOLOb7CJGvRIIvJxzUlqI0_onY1ekwy07XTvO3VqTk3VGB1U624HmyBXRbcFP7-B5tE7remuFpActaP7NtJiTGYm65U6wGDI5-NQi-45ksnGRKdFIQUdbx-kpO8kuCZ2ljX29aWPltELhVo1oRpB-n_tCiPhCyg3YA4KK0UlCujRxUlXHvKZTZiUUAG1YaFQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0304 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E554 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnmuxeHL6YpHDBtTl7_UPnoWy0AoAAAAAOAHgBAI&bg=!YGOlYyfNAAa4hXTbmIU7ACkAdvg8WiCbLTIQkN6HdUCBy7Xt2QVJYWh_jSLZY817Q412eGjPZkXYlAIAAAFtUgAAAANoAQeZA33gTIAR6--WqtqzNvmAE_95dXZYF1W7QTtkvcF55sZ1HgQ7y4fiS5Lsx6eQK21qttQCUYiwHA2emSwPyzF3W8gXf2oZdd9VhvE7SsghW6IXHxPvp3rK8iSjOqBeZ8pEtDhnvuOn2Gb4qSEHp4TXaR0ZM5RCTzU3_iUyzGhUToP69EGRl2mJkb3a-yHdO5FLbTM31joawJ0TkCivVo-Pv-zd_prK9a4rBtnVFRBg6QpKNBPm69HWtvR5K4KqR50qGGLetugCOGczmRJBVoFxhIKX4viQBXFCHPhWF8U1yVo-HSRPRT3bWlWY_edXj_4Z1DVSIY8TG4qE3WhWDHSRya6FZrEnoa2fqhitjb_0e0y9XOvr7CHWudo3N0PPzKuukw7Ul-3Lw0_u_Ld0d0rscw6_LE7HEA0UuM4DfvrY1WfLstGSRrgVrb_ZvfvLadn08uzAxGqO0UlTmSTGwJqMKrOaWHvgc6ehp_kiDcP-hWKUhF6HXYfSzNzGoWbiyFiNlUJD9lVuQ4Z8IN1ghMl5BdZkyH7_3YwxPrWXOB_fRN4jq1agxvIgU4ez1sfXjpx0H4HzWP_jKIl0WmDB46eChPYYPcRLId_OPLN2duVe9LIHGFezERPztTXXrNYO_UYTEdau7z--wTMp88psQ4B6254h1lIX8y5uqOiRISRfuDueCeMa6lTu4kmUOLNlNN19BAzJnLS80cyeQ4PEejq0l_UzudgWNB-ScFbJm7HxyoyMs7Z_wThZzwuYcL2KfbRGG9_4LfBz70wgp1G-sas651EOC46dMidv1Ef0LqQf3OksWm53Y0KlFYOykoR7pEmpf5iubuRl2PC8LPvfcV9Z_-1nhxQsEBtFvTVtKikT9EfDKl9mcZ5uIgpsbeGIT40oZj1689kVvr4gTrRCo9lvFPQZp_YoLvk0HbLZk9PmnBCksVcJmAGZnVG05sxVDARVJ-heeSVQ-6x5HPk1uRY8aEPrTFdeWAxvHXI1L8mkVyVaj_FOgzbnpu-cyDwkWo8XQABgxNWW0CnHzCRYa70UOAyVgkQ6gqk159LpBH2vd2b_nH9criX-kteD4Q-JCAGBPBokpSQFnEMcOKPKC_HNsCIgXNLI_W4j4PCOsejfYvNtRd-K2g7MPWkt-Q0jamCiyvDLDLVA-JPCjiw8EdS7bgr3oJWOjAj2Gd9q-RZHxw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dieter.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 5 KB
5 KB 38ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/dieter.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5444
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DE9 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8bq1eHL6YuLQE_GL7_UP3tmt8AQAAAAAOAHgBAI&bg=!cnGlcTXNAAa4hXTbmIU7ACkAdvg8WoP-GLqv_JK6qshQFKkZ5vNdqm0863PkhbgAEKIZSR_BtOp2RAIAAAEXUgAAAAJoAQcKAD8_5tgL2AHt1NTxC91nyMwaZf2UDXGg9Ms7bzWxkuVha3NCqyF0QgaMV9fDXR-FAy8a6ydyDRuqvYm96e6xKy6ZA0LiSiT-tOTsHMExsm1LhoiEP4CJrEfKN_taN5UiE6wBQKPRN7TNHAUWD7WYU8Zsok1iSJlIqEO6tX-6YivcObo5CXi_JnLwnFKNZQomUCmv5CkeaIYvVwKTz7YXxaA41KPUZZRD-SA8HLVhzzlKa_ktYKtyBevna-x47lcUnZ7oGSKCECpCozJny9xnHUv0bWR5FNVYO_mt-mESIT6pr-uK3OviZ5vb2B9YpNlb1ZyAXnSnP1aY3Xp3C9KxEc20rMpSUJ_cfoo75tutPxLdnvP0Kgl6XPLVEDqJLLYa0d3dzeu5xtrhC8ytoJ0PCLQx7Cm4g0xbnpks84rmDDufhehRdlz5rxy8hLHyn5TIr498HEv6g9iPJRmy1b3No81vbDhmdtv_coutR-LLuUzpmCwyosSAd2y3youGuM-nlYPKg_uzSUabZdHt5f-PAdDNXBXGmKBP1tsCNQS_Ly2HDfAaXKlcHsMZ1l8D5xcsCUgrlD3_OrLh5NQqUSo7VTJC0nDAXp_tAokDiCqHUipBvax_s-lZcZLEiSBSdCf_CYyPgdbuxzaGrgAS7aIl-RtLvq0qbFuF41w1IPTHyB7V2zkqA1cfdRm748lPcCbRBRSA9E2hmpThns-tmeNttOR2RtNEVoxvGpa_PlsodlWxxFzdhwUYB91ZAr2S-tobJsMl6bqel9CWj_dbhthLsaYevrxTV3dfT26U1Ad2Ya5UXVZIP_w_VTwlpU357CuHWjkkwo9Jr0OBAArZTEqF8iz9yecnKXFPAzGhkQKXBnbhP0VJVNHwfmlA7D0PLMyZfkZCaeryW7l76DmFHtC_vherb3Djj4QNAj0wJ1ZFGCkhxn1pbiOE0siVrakqzuLmoa-fdfTS-EA-RAe_0_WLfdHVEBHAnPuWo1KvzQfayUSL2vwkPxPcVza61jxCGSEiGvCxWdfokHu6yi49PzGNd-HtVYehSOHRd3qKqWyHjMDqmqvoFVwWeUW62BBYc9OBvVUnzDpIdKfA2ucuUD4kv-ECt59TsEAyrzkQey1stuVqIv3QIyIFagIqc4llx2IYSudephhBGPjIYh3b7cdZbrwidW-hdlsBCTghMP_myF3WCNM_23A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080901&jk=2430929597675077&bg=!nJ-ln9vNAAa4hXTbmIU7ACkAdvg8WsqIZEaURBATebMP3KeSeI8Flg-8-P1pL-196XuiLhIID3aAOgIAAAGCUgAAAAJoAQcKAL50tzH35O0SkWE7HiNRRsm6yEl1EN9hrAzRhaw0X3E_ggHZbwtznECXWVRPSNtPvaAs3hscApdLxiQ4hB3hZB5wx4vY6YtvggVrDa4KnWTpMKcftxN2e-t9Nekshx3lTi8QGFWibeer5MHNVkJ9pzWEZtJ4zRNqfYnbGNhlvgcRJqewUcLfpkaT5YNCcML7GOkb7XrmwGHPJDQUIy8UxqmT1wv-VGChKShUtVyOBzgOvxiCuoBKPCgnL0TbkNNTmQLbq2Pd8T4CD34u2eZqOOfpguDNlQN-Qr1YWhvu6KgQE8_RUomZUPp_UOI_QfQ07P1OeXpoWbfAlQKMHyXMMaQaq4whnQ1QVpNYiGGTftc0bWgUQ8ugikZGFc531CK_qKxU-BuAeYjjlA0fZhryv5hReeHkhnk1xBPga6nvmvM6ulCuNu-_Rq2h_ndKVoYmp3VPs-AKI8tIUyQO8OYChDBaUQCnIk5MlbVHmqCKnsMci7iKjSf9UAFg_-pNmrYXISNMVa7C8iykhgfopyvNRTDFFxu1MqXN0Ju6rnSGUMjOq5UjH00ob17ikDn20dFNH3ANWVARP9No4XwmXUL64ClzxnGNjRj4fAfiiOFi9tHxlrdFUmdCQmaONpubiIvYr9yow1xdsEh-p4mm4UXBy4kNRLeQJa4BzqloCTnx_n4CeiZgutXdG5jVJP0CcOYoHEFzamDsOxUHdVH_-Ld704pKAR1u4Rca5TeELHGNoRc2RqNiz-yXWM4-xyxV13toABF5Kx5DiZ_Ef-JkCFLwGtzD_NJ3LchKEA4GnyC7dJ8-sEwne60Wi7WK2tP_D07xCC4rTAGh_SB0TOH4dTywlQzpcXiWd-BsG7vk5AQfHYtBqXj-yC5fd59KqnAKc9RK1PxXSO5a2a1Gva-bzij6GFgrrHV4HZ2OpdZbA6qGm1aWKK1sj_k5MbtXWIpTPeGYPzSlf_d7-hrelKuubROu4XalQ8D7iymtFENpaMQAfFt9lWRXfEkke1IsG4doBF2klojqUgmQPk1DuVlJfhMlcg9253-VWHF5BK7y9uq-xHQ3prYS-883s9SiSdEB1-WasAMCWzLZqugQxg8wEjVZucKU4KcKi8N3gd1A9b-Qh1ALqmezxP9Idh5WBupfjskZjE-Fvm9ce1sTcDBfoSzEEON273aJ5M6dQ2w2FBcUZw3cIpBHn1b_jR7VxQjuOWJutNl6g80KW0L4N3tnnVo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A4DE 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0304 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 23720825_20220511050543557_BAL300x250.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 66 KB
66 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511050543557_BAL300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81976775fecf2752aa0b89d19da6a7d0c318f2db7894a7202f60cf50bdab31e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 17:16:00 GMT
x-content-type-options: nosniff
age: 83113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67266
x-xss-protection: 0
last-modified: Wed, 11 May 2022 12:05:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 17:16:00 GMT

GET
H3 200 23720825_20220520013917193_300x250_Parejas.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 67 KB
68 KB 39ms
37ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013917193_300x250_Parejas.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d96da7a2ff4125250016ce45e9c7681efb880de8491352e46a7062f86f5c41cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:00:02 GMT
x-content-type-options: nosniff
age: 4871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69091
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:39:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:00:02 GMT

GET
H3 200 23720825_20211124073950898_300x250_Pastilla.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 85 KB
86 KB 41ms
40ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211124073950898_300x250_Pastilla.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6b3b484d4e929920d22052e680577b181eec29fb6dc2aef0c14dd2893d55ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:47:41 GMT
x-content-type-options: nosniff
age: 2012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87545
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 15:39:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:47:41 GMT

GET
H3 200 23720825_20211125045126622_300x250_Logo.svg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 28 KB
8 KB 44ms
42ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211125045126622_300x250_Logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1f6139cd11db9f41ef24575cd59d3f14cbd1c239ce23aa887ef1ad8b3756ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8077
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 10:37:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:47:59 GMT

GET
H3 200 23720825_20220511060324724_CANCEL-DE-300x250.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 9 KB
9 KB 44ms
43ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511060324724_CANCEL-DE-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c03953fc13eb8db32714771621a082908c0944fc8bd3dca7ab0dc7734f10bd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:17:51 GMT
x-content-type-options: nosniff
age: 202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
last-modified: Wed, 11 May 2022 13:03:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 16:17:51 GMT

GET
H3 200 23720825_20220520013528796_300x250_Sello_SPA.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 0304 11 KB
11 KB 45ms
45ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013528796_300x250_Sello_SPA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ba8cb65f35489fc6d6c2aea04344fe107f3dfda6541f112ab05db5ea939a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=UCMWpo2FbU&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:00:02 GMT
x-content-type-options: nosniff
age: 4871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:35:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 15:00:02 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 1 KB
1 KB 38ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDAC 6 KB
3 KB 49ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2780 6 KB
3 KB 44ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 691 B
727 B 38ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 691
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 rtl-logo.png
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 5 KB
5 KB 41ms
40ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/rtl-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

769a2c178865eb30b91e1f57d8be572fddb93af9c234c610e8d09ad59ccd27fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:51:21 GMT
x-content-type-options: nosniff
age: 437392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4839
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:51:21 GMT

GET
H3 200 bgImg1.jpg
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 20 KB
20 KB 47ms
45ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/bgImg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f1f516a71636c8d3dca11560a9f70465002c9221328e8f4f095aa77a93d6bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:51:21 GMT
x-content-type-options: nosniff
age: 437392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20822
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:51:21 GMT

GET
H3 200 txt_sprite.png
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 7 KB
7 KB 48ms
47ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/txt_sprite.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298489bf6f86bf4e84db440169bb7665e6d8bbcec4de55d87cec22462dd571fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:49:59 GMT
x-content-type-options: nosniff
age: 390674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 03:49:59 GMT

GET
H3 200 cta_03.png
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 1 KB
1 KB 49ms
47ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/cta_03.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d456b6a5ddc02a9c5b625cb9e64da32424004d7878a318617b77be9995e8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:51:21 GMT
x-content-type-options: nosniff
age: 437392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1285
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:51:21 GMT

GET
H3 200 cta_01.png
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 1 KB
1 KB 49ms
48ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/cta_01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10437a025fa5891bd847ef8d1ce13dd67e813ed2f220b527f9056fde236b8e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:51:21 GMT
x-content-type-options: nosniff
age: 437392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:51:21 GMT

GET
H3 200 cta_02.png
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 1 KB
1 KB 50ms
49ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/cta_02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7977bd9c62b5aae0aeb0dfdabcf9277ce5301a02f499dfb161279d555644a944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:51:21 GMT
x-content-type-options: nosniff
age: 437392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:51:21 GMT

GET
H3 200 gg_logo.png
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 14 KB
14 KB 49ms
48ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/gg_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32815411750eade0c3e9004923eda566341c105cea7f5d943244ac72196d4e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:49:59 GMT
x-content-type-options: nosniff
age: 390674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14385
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 03:49:59 GMT

GET
H3 200 logo_ende.png
s0.2mdn.net/sadbundle/9520564935839426931/ Frame A4DE 3 KB
3 KB 50ms
48ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9520564935839426931/logo_ende.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c3c59b7c90ba3aebb087626871795373696638075e61e99a20527a2a5924c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9520564935839426931/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:51:21 GMT
x-content-type-options: nosniff
age: 437392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3547
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 09:04:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:51:21 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CA8 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3530 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2C9F 466 B
301 B 65ms
60ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXBBYmmz9zetp7FunMyiFhUc1WqLFlVB7frm8Lc38QinRCut7ocunIM8PwXXss9-PmtKdQDuq4uu6Ls7wPgzhh8PE5tCcZt8YTWBQrKU0grfX4-c1yrTOk5NL8eebfN5dfE7OAZDOzJhJDYqHk-gI8pHkTnE-weOWR3HoMCo63rSqpLSBc

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FDAC 101 KB
37 KB 106ms
98ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO4gXYvHJDRe8Myit5lfCCIHrBQ7Qrv-hrrziZoDigHQrgQA8ewHUSf325QZWfcG_kZkQFYkvupO8ODxEDAbN57N2mXah4Ega8QG9ZNlQhRM9JrMbUJbIuyA5hVaCu0PulJikoAnWoIg0PeM-fIVwxsQsEQg&dbm_d=AKAmf-AuCU_mSWdqvQaIdiYbkfinIvk1_83QIqu0KsmmVVTTZSeIj-j5NnMtxn9DO_Az69xrWLVT2R_f6uXkd9rCPvSz9prXcNKXBPSo_L4ZetG7_1BQZ5DzMtnZHV3j-LM9_YiiXfCPBGE-_gisDF53MxzR9ZPAvFjSpda4vuq_UJnopD9orpgVAiL9P1h6F3b_tTLs5bvOrkC3y1ATayBbN4AcVFcfGiCbnwxSghp8OLRkH6uttlO3qCzX1tqbJ4LWhMG535o6mUoizi0aKP-xfvv2ibZp2pco9Pr2eEkx4InEWCOFL9kjnaXgqOW1iXmoQNerYn_k9WCme0n-Kw2BDj4sy25YX3ja3rBXGuQOEYJnp4b3fFsP8pADAXJrybbSKln80bD4BF0txvTCFArbcSGGjjhUhY5BF-8rmPLm-7rcVQpllF5VuDh_uCv90HDUrjBWnSn_MHZznreRNmfBCRLAaOYaZMS6SX9FDhcT7JovYF0i4_4TwaqlRLmIFMmljQUbRHkQC-URFhgakdTqxRuVu5uYfIBN8kYI_c4cjFFSprU4g6sMbfpOYoSAkqAywSOd2ojukqLijFvh0TlNn68woFUvOjVM6asi-ByWIXe1VfQ4XXMY_jNwqj4A4NoH3h4K_mVcXeYRnefozOmhT4yHPePAo0hPPWptbbTmPgulKKiukcWv3TxQbQV3kAU4uXaIm_HE2fLG97-djPJWCLSGviMmTcdFwj-uWJBhsuEfw1-BNlWoX3y8DDmjPkeFHMqWxB8rPij8rlJBVmr0GghGZgR2-8L-eRQEL1TlKYGVOhe1FDnrbeE8v8RvGqtmfAdu9ghwpmhZef-NeDod59hYM3ANwYaNW4ti7C15jXgKQFeUYDPqZga90iQdR1nAMGOJvDI15BpXoxHD7d5lJWsZpnP_NkzJVGaeBqq8ZNQE0_MRc_rS5KhK3dwy3ltErlBy3oa9hP6hAKNTQ-4fZbv0W9Vg-yVjRsnPyagqV6zg-NWm0iXv6vnJo4yRhsccMhm4XJHWv59DqJMMdGK86ZnkVM6Mipa-fMn6_uhBVE44BaQQNdFgYIFkH_OrtO9HcVE4kmQYa6OL_Fi8md_XEBPRUuiKzO37j4TocMX5rNjpyrvk45sdPExkZvtRQLAYl2dO8rnFqkAeeXBoGcLHNtoJfm0Osi8RFKqlkkJvRuzTdngCp0hmRfgb8zB11Rd-FJ1CqmggljSbSYt4mfvWQUX8ZjPVlK_SMp6l4kPlSKGJvRlxZBCdT71y8tBufr5IrqqJiKG4ROCrQnxsSZrIhDs05gaHuR5gS8X7XQa5No5BLBUljs40LszfUW7FpNBe4XT4QRi-Iui-ah0h53KRU8OxrAvSRlJZWtnBnuc9WsL-BHuzQXmLfzkoRVZ1sDhVRTzk9t2ZHq428KWlb5KKpzZMXZGi_fmFPunOXBnl3SkTMnApnWH3-rF2JMnmvwZDYGVeairfs-3092j13oVVMWoGd557knp4yXwZJsgrroBcvHZ7JfKIlWZF2jBHPcsblTMkz6f-FLd37Vz3_3JqOuv69SZo3Lno6L1tpWmaUeppvSdjBTy2gd3RBkMM39vdl_zH_pWZJjS_u7CoOLXm9l_HID4OEs1PyEdlEymz4rtDd3d6zyVpsqu6zlBywR1bcqf16KxjpDaymuNerrVcvCd1nKjipx6AZUGe9L4ivwSz6eEsJFkebTDouPdnHludbsAHC6DF6-lbbRoWU93spDEY98wtL7FfNFerpBsKUoDcrCN_IZu4u9WX7YR_zF52V-Krj0fCbHuYiELfx8nzPL6MY1Q1aGMCKAh7OIAxZTeh-_TTen_sQZeaJBdLuMhnvBqvxKkJAQuzlG88-vK2OeSjRAGccsKzm-CbLqmBGknU_8OoZamEBeoROOLXg_h6viTAYXOMyhPU5oqLql_1Ij2BRVkn6PpfBixfn7LP9X_v6W3oLFuhFUXu9s8-kzWD7-0t4L2HagoDHKWMPRI9lwvNLfHxXYLSFWJdXeFHAODZ-UAXI9QXdDaLlnW1pZYGjt7vmRcnmZ339WY6650I-DQ2SEUzG_3zn2SpsF4d6f3FQxuJFBOCkAAzLcDuFop1UPwJsOFwEOU9NyhUGbCAdSCkQfQtw1d1qJQ9dXlRp64s5c7RHsuX1bP_mVdLT_rCgMnzn_N6jEXxNbCQRVkuNiegDy2yBbS9B56gbUH5N-LODvbXfqEAw06MBQqCRzRq-NUG8PBaEuDWJmiWTqSCSm-kl7Asd0U97YM2da0tu6ajyGTlk56fp6ukqkwRxgn7C-jsfGlf_-qfB3NdgUT4vLyHQU6fl_jUirbS0TZMyaRw3yvVPlGUKFqX5bvlansboJE3-MEVSHbqnbELLl6GpnheuvyLJSUHg4geDu3Xgb0gLN_o5pc4INIgAVPHHfe7XR4nVQO9mH-4BaYAmybk8piWDGWaEBThF32zyfGUYK_BlyujNbLJMmREk2IfPjGIr-jfFoDsqt4cdcbco8QhpaIQn2jLmip3i8YYkX_Qg9Js7AYE4qTaeVcpiGM4JcSgFRwZ4c66XfewwrkJp3egL6J_FNewyRKirzdSkx0yd7N-aTarNxgyRg57IPvUw2ncGbzCkY9p6qH-JMlnQ3OpZG1lHHd9hJfjBScpaqot3Lh6VIvh-XawChri7Pj5gfXIZz0XYFMoqKOePFwuPxIuCTkZi4irGtMpRN3Gqy1HQ5gql80_b5N7mXTfDFtcTXi40478XOxDy59bMIj79Jykqe3o-Zp4WaK58PoVPqPlgiXvZdF09iCZk3Y86hTBnrjL-uC_5VvQmFF-Xql266SXleiqcokl-DYSZM0TaRbVQM_lqtvGINS3C8Z6NBIJYQbRYrhUmX4IMA3bGkoayG7Wm_NB6P0_i107ebAS1zxcnApZ2lMYaa66fpZbb0oWTMjtRvTo9tArmUxn3ZC37Cor7-WBdX-9ZYqfDJwq3mdLT0dxFgivd-I2Kj6CZc6NkwepPMDHgHwMr8zK1RgLI8vYhQuzIsBkIfkYcBgtGkas2Hm6jBBJMwx4V_if8A8JTazkJgpgYwtvtN89Dqwr2zMG7r9w3xxnFoTA1W_kMdlccIqFoiivJ0hbf-NgBJFhN_cxrBne4MR8vu1aLDAFq0Ugn-fQbn7e34L4GY6coNR6Td46zCRvaV0E1WSN8PP0wE3kSeAsfmblfNlNkj3fInHfZttqe3RtAxqbBfTk-fReH7l9UQqzxs-BuyR_BUOPgqMNbNlaba4Qj1tgIoT_d6z-XsrKeW_DfwMpfibi8A_pT9YXWSJcBseqe5mNvCVg1kCIn7ErX7uT3sChwqvyYX7oI7Qdug_vSDrQNnlFuBVLGsZ7g89bfYIvDsS2fSCVLuAMFoqxRGUmpYAgaWb_8sCryWikC6J-V2tIzpNoiix-1ESKSfMEKI0&cid=CAASJeRoSLl0MWc_RRNercq2_zi4hvqivlWTyS2SaQPgSXNA8PijT6o&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

767af7e4af13b996969709757995782f82467d9b08a25330b3f97a2ab366e1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37873
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDAC 42 B
63 B 81ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CiipyhabltadbmPBX4H-JNQyXEvMVXv5q5VBIMXTlK2xhCvcBZYS6Ohx8KWi_-LmTrDbRXAA6pBvD46TmZpXZ6A7bb_PIRatS005En5dWAcxvWYNM

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame FDAC 3 KB
1 KB 45ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDAC 140 KB
43 KB 59ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame FDAC 17 KB
7 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:14:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FDAC 0
0 51ms
45ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZLfKUfuxBco6-4iwvomx5gZxgC5EUm3G25UZJgdz2DefUpZ3DHpFsuh4ncAuy1v6iphSYbkT0kWXOyJQRksXqInfPzQ
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 826 B
862 B 45ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CA9A 398 B
279 B 68ms
60ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNWxm_rKTSXDNn3I-O8zCkX9YxqsBBIIR3hnPVFyyjP-llTCpMPfl4FJIRzw2f-xYFLUndOD4VaQDykh_jahEFY6QWSQyspxFE2u9MTZycl3XhorGgQKzwKmdIMIYq_pciFd1tZIsU0TSW-vE7IlfXRpeFgwtr-WgZ0JdrX2MKHIucQTyBM

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 258
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2780 101 KB
37 KB 108ms
100ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWy1GKp7kSFGsaB0kCObvtSLYiW9N-m8hgE3CCQJ9xSuXicih1aRqn3PDsmdpNxVtA5IVULOqwtnhC5ALUUfgzCshYLh8Ja6wbX_nh0qqiQ6TjLNtkxWwzTomnAWPEfVklyHkWyxdFMEEm1O4brp9q67mmsA&dbm_d=AKAmf-ABXi25Cviuy8mjLgT8e28BgH4nqibX_sXHlM8i8Xou82FHuIhcfX2ZuQkc8mo_CGXELgCEzZjqb8P_XlQ4bnrq-qqXbKesZ-uegCWP-UaFXQLAjpxATSKOCPTZRisTblOwPyQByMef9Az_pY9AXFZgh5uTi0Z2lftldxRKdm3T42MN6DsYVg9Vj-yxFDMFLTZ4JUWiWmBjwXewz67B4iBY4nYMXgosSjEGL0omBjAFuui0TRqvR7RBvf3UB1ooPn-KumWSXZ7kz8Tr_Rh8YeKmJao3i_o804ZVD0kVyhs8gh_R78pRgJFgXQ-P8PXpJ2JLTnCbcinrg9q4p-yTD6HjmyqMh215gZzeusZ7q4yY8vZj8LlltTXSR-rZNS3HQVnhnHs1AqKv-KKhHt0nGsRQQFQYD-y8hsFOkemJpkQXtzQc8MvafwIykKkQP8_jRulm2OLUIZledcm3o4XVN3NYGXU5W-T94ScKs04SShCy1XJkQcvkb-JECWYM2e1VU9CuZZnn4i9fGYgSZHo0opyyKzl2l20PcFB1tK2wnDJ0sFnANvYJcwoegV6Oru9nOdHwkQ479sGRxLmD6tdjQcivllc6seK2KwGupe3Fd1tpOnrWiFPjcU7SE31aQw2BM2jaxrqa0HRsac0TEQc4o00JRJSNkhMMqnvl_zKsOes3ilkNb_EYDIMY38-aWewdy1g88z3M1GMTw06FeyKIHo36V_kBZBzw5aeunnUHmfdBG6QIZa5_fLXCVsff9i4OCbbA1Yo4hIVtU7W0SOr5Zr7z4sg27VwklLhJlsfpenj8-ydjSSq0OcethuJs3XdrtWXD7IlqIJte4QizbhX1A4ZyG41kkv8Hufm_CbH7XUz2zWBEBRyIbc6YL70xeKsXSX7BlyPk8Z_moV2KXNBMiptt6jVoUNgi1L_9xuMJYM9n2TiQy-1dxjUnuuoqZCll53reBCqnNmso96-sZj9xdi2gmfgaTZ9sJd4c9-ZJxD1C8gsItoi8BSfk_1vbkcj5_8LnwJPxTGfOTkTHU_XQksAEV6f16CBfbLMiwVY9Nl76jU2hQi1aEOkdPYrRi9vAGh8yAz5N7fDe7-GB-Kg48X7de_mEiH0oY3LbnNkakIhmwJhaRsJ9DSiVh9RKqF7CNUzS0Zh83hETfOaEHpOFoCsbkstYT-qbhDc5GCC0yrc166EOFnDGjCF-aDQzwEorz53zeU1sIxOy5vjZRfhk4AxYi-BWwd9bACAg3a7VwGP5EhD6dzVnOnFP15J_M188lRB1QakfYTp8zW4kSPC1z2WccsHubLARKE1AG96SRWmmiAFE2IuIEjxkbJq6t9Y3Y9IyeuGWTmbDM9tFBOV8xaRRIjFsFYiolyinka0Jc9CGO7nxslRmkFQna2_6TbFvRIxM_eHR2Q1qkqHS8oBvXlD5zOon8_xGYgS2q4bvkYAjD_EU_CJiIK6UKONTeqLRiaTOia0VEOuEIVaTpqCR1Ax19H4PFw9n7uMvyt0sshB5vH_gSdbP4kIbgV1w7q3_9q1bBLNQu3K5LEdYBUmQ4QB-XtT7k6o5Tnhkt_PaIOwOw--a0JEHKTTGRTVdM_7CYh2iU0DZNB5hTnEyT4Yqkty8lznWNOEkNDE9beeujFPdA_Ch-AHntjab9fB5um6wJHgt1zx4tzq4RVCtSnAppyVZyd9KCmDWHJUEgNFe7JKOrJkwa3xjl2YReI8tVDbT3e99ZBPd5aI-qmyXJqGLaBBsJjazdp4NKk1TXnD0r3mf-_BglP9zpBCs8vq5qkinqr_TRZ9ux4VQsE84cSYjRSlszPFEZJ9RlRiRazCtSi4nNP0EAWH_ptQL37ubUszQHnIRI91dCEEBVqmf8yGCbi1ONzTTXwEmSZHZRVAMrW1Gr4v-exXoSlIYIO3kNXBQnI3uKbnSMtpcdMaa5rc6qkp78sqnlKlRARxx4hHPvA3VB0BSvMnfx8C7dzhJGaAkmyR4sq8qrJQSNgScFFpfEK0qqHZ1EK0GNgqYX3F1x2qNwCXaL2-sBE_5z_IzzIrnzPntgzjZqFq39u3tyAUG4xpYtVy6Gx9nDJZBxlPvz0Src-IHVpJu2Xk3h6w1qqJ1P2E7UiVouqhGTuY5eWkxOnllAfZsRTtSZFqjBDoy9zDSzcFCdtueRNhK5TRFkbr1ea3ApXNT8xvHsgcuk__biuI6oSWjogcZ6g0QIBSsVguzSTYB0b0IaBMybxh--aLTVAnLaXkOxCLyLEY4t4roGpuvb-E01pA5Innm_cKXMY1TfjYoPdnA6Ya1ZUxHAJ1WOqogXPqD1HESxU0z_jOjnM3xLLWfOvfTNSwlAX7D2D_QhUJZNP6BFK7IiembZkHdJa286IcpxdT-j-ASZ6iU4ooHU9KCdjfz9R0WBzDh67Ikdcnren5q2bgOgl95vOmAoke_GIpe1TJK3HBCyyg_4UjwtWRih_IhiTDF9aq4G9E90FDd2cMdrE_taFbkQot2Ok9ax2BDPvHl4Tvt0gQLBbfiQa_NmlaqRw9_LN3lw9WWs7LotL8MLhQ66QXfteNmAMyGjepjYVP1UPS0o0DCa43nBnrT9kioXKj9GAqogvT08FaZ4uTPT9TTT9LLTS06yNnEolyrxIF2G_hwRKGVfcycdGu-8mO9zMVOHXxULZswNs3VlSOdrXrAHMhaAnJhku_0X912ZU6PGaDtgEkBKUPmiN_iW9ORyVqLj1elDCuiKCO_BBVOZm-QDk8jT2kQlYRdZEXF2gHZaHV4ey6dVCJNWfabRvpg4HdhwSea-x5gtKsevaA4-I6agTDmesVbS7uZDdLP2Q8lmbYb3_2Uorh3M6v_8Rprv0trUKLlrqJPhX4z21yIZuEQRikkgYoz_LUkx6oopeWl2hr3eXMriIf7Ds6zibVQZOW2_wTqqGV2bk0QLH32Jz9LRNQHpy3HZctKzxvEmyKkybIRZggLJd899Cw4WDxFOZJsqRI77-z9BMuU4fhofArZHow-_jnXFlbqgd2n058tzw44hKqVNvKuW3zA6hI38RV3L62pFQ6YkZcxhPmrCB_clI-pBtopvLwWzhKTvVOlXAsWLkwgfzNLGutpL2riQfmUYkSEU9rNAStGjP_vdqwAdrsP-MieMtgc5MkblGsTPgFuiwpJBA5NTKMFGCNLpaDzwOxurZxiZjRD48Ky4uq2sWeRg199VzW6rMPgVdvNdDP9OCni2dYXYSEmChmaDJhNpT9IuyW7zhNGAapusFZ_JZ61qjhwbgCMobn29rDpAVA2ZDgGIULiFg-QZ5jLBtpnudEd1wBl4rxK56KGnHGs2N-dyrCG2VPojiKjUi8oGB4ku93WESx1XW20UbjepFGXagMKz9vlYCrwaYQXHppiIBJ_VgpMMdGvuZpnypiRNTicaTyDQJYtGrbOCLfo2LcwR6T5_V8ywiYzQ1Y&cid=CAASJeRoFDB6-Gond5xn8bkxDJusvZV_NcuLosy04GhADTNPUTlnEBc&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae6eae023721b5d92b2332eafc4227a6d82aeec40f951806827bb5242b7091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37914
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2780 42 B
63 B 79ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2-9FXxy8OX-3HBD0lFOGJU2qzwtNjcFTM5InjYofM7d77wT3sn1LLWWqjJYyiya4qcL3qFnoLiTaL9tJRWICo7Jpw-XeP7CmV2voDhD3-Mr7skhc

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 2780 3 KB
1 KB 44ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2780 140 KB
43 KB 74ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 2780 17 KB
7 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:14:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2780 0
0 52ms
45ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkm_-hyF-V_8xkrRnDrKtpUb5paa5NoLIK2dscgkY5L2WEcT2dM5I7logt8u5E86FLFIElbmoAmBYNjLPj_jrb9svojA
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 311ms
311ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430929597675077&correlator=2548879582242468&eid=31068922%2C31068928&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Cdynamic%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600&ifi=19&adks=715658818&sfv=1-0-38&fsapi=false&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1660580472950-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D5060323%26hb_buyer_id%3D20968%26hb_r_id%3D4483dfc93d10d66e%26hb_site_id%3D14381%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.47%26hb_adid%3D45932c5951aa56fb%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fhome5%252F&sc=1&cookie=ID%3Dd562cb2546f0669c%3AT%3D1660580471%3AS%3DALNI_MZqoKBLmfqE5V-ASk2s5uuas75M4A&abxe=1&dt=1660580473326&lmt=1660580473&dlt=1660580469565&idt=1420&adxs=1600&adys=601&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPImPoBUsMDy2tn3kF3ROoAGfbxslkPUrJXDbg_exweMyvLsQCzUKxS9LrFt2F5GtYm7i4zxG6K5DiQRre8X2FNF_EY%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1083353256.1660580471&ga_sid=1660580471&ga_hid=568714051&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7bf996ebe7fe4185e029a296a87c765f4282eb042ca2d5ba6c17474f58ea0881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9400
x-xss-protection: 0
google-lineitem-id: 5674632392
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347590741
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 h4.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 967 B
1003 B 39ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2C9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGsxSJniOP4syJZkVoUolVA&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGsxSJniOP4syJZkVoUolVA&google_cver=1&__user_check__=1&sync_id=4807d8f9-1cb6-11ed-baff-11a3cbba0506

43 B
549 B

46ms
46ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGsxSJniOP4syJZkVoUolVA&google_cver=1&__user_check__=1&sync_id=4807d8f9-1cb6-11ed-baff-11a3cbba0506
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXBBYmmz9zetp7FunMyiFhUc1WqLFlVB7frm8Lc38QinRCut7ocunIM8PwXXss9-PmtKdQDuq4uu6Ls7wPgzhh8PE5tCcZt8YTWBQrKU0grfX4-c1yrTOk5NL8eebfN5dfE7OAZDOzJhJDYqHk-gI8pHkTnE-weOWR3HoMCo63rSqpLSBc
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:21:13 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 101
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 15 Aug 2022 16:21:13 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEGsxSJniOP4syJZkVoUolVA&google_cver=1&__user_check__=1&sync_id=4807d8f9-1cb6-11ed-baff-11a3cbba0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 32
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C9F
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDgwNmFkYWUtMWNiNi0xMWVkLTg3MjUtMTQzZDU2YTEwNTA2

170 B
188 B

61ms
54ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDgwNmFkYWUtMWNiNi0xMWVkLTg3MjUtMTQzZDU2YTEwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXBBYmmz9zetp7FunMyiFhUc1WqLFlVB7frm8Lc38QinRCut7ocunIM8PwXXss9-PmtKdQDuq4uu6Ls7wPgzhh8PE5tCcZt8YTWBQrKU0grfX4-c1yrTOk5NL8eebfN5dfE7OAZDOzJhJDYqHk-gI8pHkTnE-weOWR3HoMCo63rSqpLSBc

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 Aug 2022 16:21:13 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDgwNmFkYWUtMWNiNi0xMWVkLTg3MjUtMTQzZDU2YTEwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C9F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kRUZscWtCRTJ1RjlsUk5NWm5LdTgyUUVSdzYzeDRaQX5B

170 B
188 B

58ms
58ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kRUZscWtCRTJ1RjlsUk5NWm5LdTgyUUVSdzYzeDRaQX5B

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1kRUZscWtCRTJ1RjlsUk5NWm5LdTgyUUVSdzYzeDRaQX5B
date: Mon, 15 Aug 2022 16:21:13 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame CA9A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINT3iicjoDRpE5Upsgho7M&google_cver=1

43 B
163 B

174ms
47ms

Image
image/gif

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINT3iicjoDRpE5Upsgho7M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNWxm_rKTSXDNn3I-O8zCkX9YxqsBBIIR3hnPVFyyjP-llTCpMPfl4FJIRzw2f-xYFLUndOD4VaQDykh_jahEFY6QWSQyspxFE2u9MTZycl3XhorGgQKzwKmdIMIYq_pciFd1tZIsU0TSW-vE7IlfXRpeFgwtr-WgZ0JdrX2MKHIucQTyBM
Protocol: HTTP/1.1
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINT3iicjoDRpE5Upsgho7M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame CA9A 43 B
163 B 242ms
48ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNWxm_rKTSXDNn3I-O8zCkX9YxqsBBIIR3hnPVFyyjP-llTCpMPfl4FJIRzw2f-xYFLUndOD4VaQDykh_jahEFY6QWSQyspxFE2u9MTZycl3XhorGgQKzwKmdIMIYq_pciFd1tZIsU0TSW-vE7IlfXRpeFgwtr-WgZ0JdrX2MKHIucQTyBM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:12 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4F97 42 B
64 B 81ms
80ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh3OKPXbBvR3r-nRR87v1eGCJcqIUGS2ZUnTV-k41URaQBE1V0NSc86QygH97EOSFlnY7s9Jg6N_N7sxWWTMGIeUSpoCmYUClwITYLaHXcRIFe295fspXAa_8whTwai-PIfhvX9LvdIiB0x3jqpadbBIv_eto-VfFJvGBRguA&sai=AMfl-YQpQG7gaH9mOzTRZ4UxdYjBIG6kW6r3LORVod63HBoJXWNU2ZwGMywTfSffQxy5PSlr0jod2QeEIC2hK6RO0LP92NodbJNXmAiJNNXK&sig=Cg0ArKJSzH1bEXcXwPwREAE&cid=CAQSLQCsnQUxRr9Z29JLtlhCo9a9oTvt4rX9B8wODgbZV_sYutYI-Z6UDjLWDxO-Qg&id=ampim&o=315,100&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1023&mtos=0,0,0,1023,1023&tos=0,0,0,1023,0&tfs=614&tls=1637&g=100&h=100&tt=1637&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2911869608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 h5.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 621 B
657 B 48ms
48ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 621
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/62195781/ Frame FDAC 236 KB
70 KB 325ms
56ms Script
application/javascript 18.202.123.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/62195781/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.123.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c5a654aa0267106a9752ed84cc61f9d3459912723bd2c1aaced32f6c73cf3c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FDAC 170 KB
59 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame FDAC 8 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO4gXYvHJDRe8Myit5lfCCIHrBQ7Qrv-hrrziZoDigHQrgQA8ewHUSf325QZWfcG_kZkQFYkvupO8ODxEDAbN57N2mXah4Ega8QG9ZNlQhRM9JrMbUJbIuyA5hVaCu0PulJikoAnWoIg0PeM-fIVwxsQsEQg&dbm_d=AKAmf-AuCU_mSWdqvQaIdiYbkfinIvk1_83QIqu0KsmmVVTTZSeIj-j5NnMtxn9DO_Az69xrWLVT2R_f6uXkd9rCPvSz9prXcNKXBPSo_L4ZetG7_1BQZ5DzMtnZHV3j-LM9_YiiXfCPBGE-_gisDF53MxzR9ZPAvFjSpda4vuq_UJnopD9orpgVAiL9P1h6F3b_tTLs5bvOrkC3y1ATayBbN4AcVFcfGiCbnwxSghp8OLRkH6uttlO3qCzX1tqbJ4LWhMG535o6mUoizi0aKP-xfvv2ibZp2pco9Pr2eEkx4InEWCOFL9kjnaXgqOW1iXmoQNerYn_k9WCme0n-Kw2BDj4sy25YX3ja3rBXGuQOEYJnp4b3fFsP8pADAXJrybbSKln80bD4BF0txvTCFArbcSGGjjhUhY5BF-8rmPLm-7rcVQpllF5VuDh_uCv90HDUrjBWnSn_MHZznreRNmfBCRLAaOYaZMS6SX9FDhcT7JovYF0i4_4TwaqlRLmIFMmljQUbRHkQC-URFhgakdTqxRuVu5uYfIBN8kYI_c4cjFFSprU4g6sMbfpOYoSAkqAywSOd2ojukqLijFvh0TlNn68woFUvOjVM6asi-ByWIXe1VfQ4XXMY_jNwqj4A4NoH3h4K_mVcXeYRnefozOmhT4yHPePAo0hPPWptbbTmPgulKKiukcWv3TxQbQV3kAU4uXaIm_HE2fLG97-djPJWCLSGviMmTcdFwj-uWJBhsuEfw1-BNlWoX3y8DDmjPkeFHMqWxB8rPij8rlJBVmr0GghGZgR2-8L-eRQEL1TlKYGVOhe1FDnrbeE8v8RvGqtmfAdu9ghwpmhZef-NeDod59hYM3ANwYaNW4ti7C15jXgKQFeUYDPqZga90iQdR1nAMGOJvDI15BpXoxHD7d5lJWsZpnP_NkzJVGaeBqq8ZNQE0_MRc_rS5KhK3dwy3ltErlBy3oa9hP6hAKNTQ-4fZbv0W9Vg-yVjRsnPyagqV6zg-NWm0iXv6vnJo4yRhsccMhm4XJHWv59DqJMMdGK86ZnkVM6Mipa-fMn6_uhBVE44BaQQNdFgYIFkH_OrtO9HcVE4kmQYa6OL_Fi8md_XEBPRUuiKzO37j4TocMX5rNjpyrvk45sdPExkZvtRQLAYl2dO8rnFqkAeeXBoGcLHNtoJfm0Osi8RFKqlkkJvRuzTdngCp0hmRfgb8zB11Rd-FJ1CqmggljSbSYt4mfvWQUX8ZjPVlK_SMp6l4kPlSKGJvRlxZBCdT71y8tBufr5IrqqJiKG4ROCrQnxsSZrIhDs05gaHuR5gS8X7XQa5No5BLBUljs40LszfUW7FpNBe4XT4QRi-Iui-ah0h53KRU8OxrAvSRlJZWtnBnuc9WsL-BHuzQXmLfzkoRVZ1sDhVRTzk9t2ZHq428KWlb5KKpzZMXZGi_fmFPunOXBnl3SkTMnApnWH3-rF2JMnmvwZDYGVeairfs-3092j13oVVMWoGd557knp4yXwZJsgrroBcvHZ7JfKIlWZF2jBHPcsblTMkz6f-FLd37Vz3_3JqOuv69SZo3Lno6L1tpWmaUeppvSdjBTy2gd3RBkMM39vdl_zH_pWZJjS_u7CoOLXm9l_HID4OEs1PyEdlEymz4rtDd3d6zyVpsqu6zlBywR1bcqf16KxjpDaymuNerrVcvCd1nKjipx6AZUGe9L4ivwSz6eEsJFkebTDouPdnHludbsAHC6DF6-lbbRoWU93spDEY98wtL7FfNFerpBsKUoDcrCN_IZu4u9WX7YR_zF52V-Krj0fCbHuYiELfx8nzPL6MY1Q1aGMCKAh7OIAxZTeh-_TTen_sQZeaJBdLuMhnvBqvxKkJAQuzlG88-vK2OeSjRAGccsKzm-CbLqmBGknU_8OoZamEBeoROOLXg_h6viTAYXOMyhPU5oqLql_1Ij2BRVkn6PpfBixfn7LP9X_v6W3oLFuhFUXu9s8-kzWD7-0t4L2HagoDHKWMPRI9lwvNLfHxXYLSFWJdXeFHAODZ-UAXI9QXdDaLlnW1pZYGjt7vmRcnmZ339WY6650I-DQ2SEUzG_3zn2SpsF4d6f3FQxuJFBOCkAAzLcDuFop1UPwJsOFwEOU9NyhUGbCAdSCkQfQtw1d1qJQ9dXlRp64s5c7RHsuX1bP_mVdLT_rCgMnzn_N6jEXxNbCQRVkuNiegDy2yBbS9B56gbUH5N-LODvbXfqEAw06MBQqCRzRq-NUG8PBaEuDWJmiWTqSCSm-kl7Asd0U97YM2da0tu6ajyGTlk56fp6ukqkwRxgn7C-jsfGlf_-qfB3NdgUT4vLyHQU6fl_jUirbS0TZMyaRw3yvVPlGUKFqX5bvlansboJE3-MEVSHbqnbELLl6GpnheuvyLJSUHg4geDu3Xgb0gLN_o5pc4INIgAVPHHfe7XR4nVQO9mH-4BaYAmybk8piWDGWaEBThF32zyfGUYK_BlyujNbLJMmREk2IfPjGIr-jfFoDsqt4cdcbco8QhpaIQn2jLmip3i8YYkX_Qg9Js7AYE4qTaeVcpiGM4JcSgFRwZ4c66XfewwrkJp3egL6J_FNewyRKirzdSkx0yd7N-aTarNxgyRg57IPvUw2ncGbzCkY9p6qH-JMlnQ3OpZG1lHHd9hJfjBScpaqot3Lh6VIvh-XawChri7Pj5gfXIZz0XYFMoqKOePFwuPxIuCTkZi4irGtMpRN3Gqy1HQ5gql80_b5N7mXTfDFtcTXi40478XOxDy59bMIj79Jykqe3o-Zp4WaK58PoVPqPlgiXvZdF09iCZk3Y86hTBnrjL-uC_5VvQmFF-Xql266SXleiqcokl-DYSZM0TaRbVQM_lqtvGINS3C8Z6NBIJYQbRYrhUmX4IMA3bGkoayG7Wm_NB6P0_i107ebAS1zxcnApZ2lMYaa66fpZbb0oWTMjtRvTo9tArmUxn3ZC37Cor7-WBdX-9ZYqfDJwq3mdLT0dxFgivd-I2Kj6CZc6NkwepPMDHgHwMr8zK1RgLI8vYhQuzIsBkIfkYcBgtGkas2Hm6jBBJMwx4V_if8A8JTazkJgpgYwtvtN89Dqwr2zMG7r9w3xxnFoTA1W_kMdlccIqFoiivJ0hbf-NgBJFhN_cxrBne4MR8vu1aLDAFq0Ugn-fQbn7e34L4GY6coNR6Td46zCRvaV0E1WSN8PP0wE3kSeAsfmblfNlNkj3fInHfZttqe3RtAxqbBfTk-fReH7l9UQqzxs-BuyR_BUOPgqMNbNlaba4Qj1tgIoT_d6z-XsrKeW_DfwMpfibi8A_pT9YXWSJcBseqe5mNvCVg1kCIn7ErX7uT3sChwqvyYX7oI7Qdug_vSDrQNnlFuBVLGsZ7g89bfYIvDsS2fSCVLuAMFoqxRGUmpYAgaWb_8sCryWikC6J-V2tIzpNoiix-1ESKSfMEKI0&cid=CAASJeRoSLl0MWc_RRNercq2_zi4hvqivlWTyS2SaQPgSXNA8PijT6o&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame FDAC 30 KB
12 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:20:27 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/62195778/ Frame 2780 236 KB
70 KB 313ms
56ms Script
application/javascript 18.202.123.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/62195778/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.123.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01931ac53e7a4f3bd86cd9fc1201c20272ef96757fea8b0019f8daca677c860c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2780 170 KB
59 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 2780 8 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWy1GKp7kSFGsaB0kCObvtSLYiW9N-m8hgE3CCQJ9xSuXicih1aRqn3PDsmdpNxVtA5IVULOqwtnhC5ALUUfgzCshYLh8Ja6wbX_nh0qqiQ6TjLNtkxWwzTomnAWPEfVklyHkWyxdFMEEm1O4brp9q67mmsA&dbm_d=AKAmf-ABXi25Cviuy8mjLgT8e28BgH4nqibX_sXHlM8i8Xou82FHuIhcfX2ZuQkc8mo_CGXELgCEzZjqb8P_XlQ4bnrq-qqXbKesZ-uegCWP-UaFXQLAjpxATSKOCPTZRisTblOwPyQByMef9Az_pY9AXFZgh5uTi0Z2lftldxRKdm3T42MN6DsYVg9Vj-yxFDMFLTZ4JUWiWmBjwXewz67B4iBY4nYMXgosSjEGL0omBjAFuui0TRqvR7RBvf3UB1ooPn-KumWSXZ7kz8Tr_Rh8YeKmJao3i_o804ZVD0kVyhs8gh_R78pRgJFgXQ-P8PXpJ2JLTnCbcinrg9q4p-yTD6HjmyqMh215gZzeusZ7q4yY8vZj8LlltTXSR-rZNS3HQVnhnHs1AqKv-KKhHt0nGsRQQFQYD-y8hsFOkemJpkQXtzQc8MvafwIykKkQP8_jRulm2OLUIZledcm3o4XVN3NYGXU5W-T94ScKs04SShCy1XJkQcvkb-JECWYM2e1VU9CuZZnn4i9fGYgSZHo0opyyKzl2l20PcFB1tK2wnDJ0sFnANvYJcwoegV6Oru9nOdHwkQ479sGRxLmD6tdjQcivllc6seK2KwGupe3Fd1tpOnrWiFPjcU7SE31aQw2BM2jaxrqa0HRsac0TEQc4o00JRJSNkhMMqnvl_zKsOes3ilkNb_EYDIMY38-aWewdy1g88z3M1GMTw06FeyKIHo36V_kBZBzw5aeunnUHmfdBG6QIZa5_fLXCVsff9i4OCbbA1Yo4hIVtU7W0SOr5Zr7z4sg27VwklLhJlsfpenj8-ydjSSq0OcethuJs3XdrtWXD7IlqIJte4QizbhX1A4ZyG41kkv8Hufm_CbH7XUz2zWBEBRyIbc6YL70xeKsXSX7BlyPk8Z_moV2KXNBMiptt6jVoUNgi1L_9xuMJYM9n2TiQy-1dxjUnuuoqZCll53reBCqnNmso96-sZj9xdi2gmfgaTZ9sJd4c9-ZJxD1C8gsItoi8BSfk_1vbkcj5_8LnwJPxTGfOTkTHU_XQksAEV6f16CBfbLMiwVY9Nl76jU2hQi1aEOkdPYrRi9vAGh8yAz5N7fDe7-GB-Kg48X7de_mEiH0oY3LbnNkakIhmwJhaRsJ9DSiVh9RKqF7CNUzS0Zh83hETfOaEHpOFoCsbkstYT-qbhDc5GCC0yrc166EOFnDGjCF-aDQzwEorz53zeU1sIxOy5vjZRfhk4AxYi-BWwd9bACAg3a7VwGP5EhD6dzVnOnFP15J_M188lRB1QakfYTp8zW4kSPC1z2WccsHubLARKE1AG96SRWmmiAFE2IuIEjxkbJq6t9Y3Y9IyeuGWTmbDM9tFBOV8xaRRIjFsFYiolyinka0Jc9CGO7nxslRmkFQna2_6TbFvRIxM_eHR2Q1qkqHS8oBvXlD5zOon8_xGYgS2q4bvkYAjD_EU_CJiIK6UKONTeqLRiaTOia0VEOuEIVaTpqCR1Ax19H4PFw9n7uMvyt0sshB5vH_gSdbP4kIbgV1w7q3_9q1bBLNQu3K5LEdYBUmQ4QB-XtT7k6o5Tnhkt_PaIOwOw--a0JEHKTTGRTVdM_7CYh2iU0DZNB5hTnEyT4Yqkty8lznWNOEkNDE9beeujFPdA_Ch-AHntjab9fB5um6wJHgt1zx4tzq4RVCtSnAppyVZyd9KCmDWHJUEgNFe7JKOrJkwa3xjl2YReI8tVDbT3e99ZBPd5aI-qmyXJqGLaBBsJjazdp4NKk1TXnD0r3mf-_BglP9zpBCs8vq5qkinqr_TRZ9ux4VQsE84cSYjRSlszPFEZJ9RlRiRazCtSi4nNP0EAWH_ptQL37ubUszQHnIRI91dCEEBVqmf8yGCbi1ONzTTXwEmSZHZRVAMrW1Gr4v-exXoSlIYIO3kNXBQnI3uKbnSMtpcdMaa5rc6qkp78sqnlKlRARxx4hHPvA3VB0BSvMnfx8C7dzhJGaAkmyR4sq8qrJQSNgScFFpfEK0qqHZ1EK0GNgqYX3F1x2qNwCXaL2-sBE_5z_IzzIrnzPntgzjZqFq39u3tyAUG4xpYtVy6Gx9nDJZBxlPvz0Src-IHVpJu2Xk3h6w1qqJ1P2E7UiVouqhGTuY5eWkxOnllAfZsRTtSZFqjBDoy9zDSzcFCdtueRNhK5TRFkbr1ea3ApXNT8xvHsgcuk__biuI6oSWjogcZ6g0QIBSsVguzSTYB0b0IaBMybxh--aLTVAnLaXkOxCLyLEY4t4roGpuvb-E01pA5Innm_cKXMY1TfjYoPdnA6Ya1ZUxHAJ1WOqogXPqD1HESxU0z_jOjnM3xLLWfOvfTNSwlAX7D2D_QhUJZNP6BFK7IiembZkHdJa286IcpxdT-j-ASZ6iU4ooHU9KCdjfz9R0WBzDh67Ikdcnren5q2bgOgl95vOmAoke_GIpe1TJK3HBCyyg_4UjwtWRih_IhiTDF9aq4G9E90FDd2cMdrE_taFbkQot2Ok9ax2BDPvHl4Tvt0gQLBbfiQa_NmlaqRw9_LN3lw9WWs7LotL8MLhQ66QXfteNmAMyGjepjYVP1UPS0o0DCa43nBnrT9kioXKj9GAqogvT08FaZ4uTPT9TTT9LLTS06yNnEolyrxIF2G_hwRKGVfcycdGu-8mO9zMVOHXxULZswNs3VlSOdrXrAHMhaAnJhku_0X912ZU6PGaDtgEkBKUPmiN_iW9ORyVqLj1elDCuiKCO_BBVOZm-QDk8jT2kQlYRdZEXF2gHZaHV4ey6dVCJNWfabRvpg4HdhwSea-x5gtKsevaA4-I6agTDmesVbS7uZDdLP2Q8lmbYb3_2Uorh3M6v_8Rprv0trUKLlrqJPhX4z21yIZuEQRikkgYoz_LUkx6oopeWl2hr3eXMriIf7Ds6zibVQZOW2_wTqqGV2bk0QLH32Jz9LRNQHpy3HZctKzxvEmyKkybIRZggLJd899Cw4WDxFOZJsqRI77-z9BMuU4fhofArZHow-_jnXFlbqgd2n058tzw44hKqVNvKuW3zA6hI38RV3L62pFQ6YkZcxhPmrCB_clI-pBtopvLwWzhKTvVOlXAsWLkwgfzNLGutpL2riQfmUYkSEU9rNAStGjP_vdqwAdrsP-MieMtgc5MkblGsTPgFuiwpJBA5NTKMFGCNLpaDzwOxurZxiZjRD48Ky4uq2sWeRg199VzW6rMPgVdvNdDP9OCni2dYXYSEmChmaDJhNpT9IuyW7zhNGAapusFZ_JZ61qjhwbgCMobn29rDpAVA2ZDgGIULiFg-QZ5jLBtpnudEd1wBl4rxK56KGnHGs2N-dyrCG2VPojiKjUi8oGB4ku93WESx1XW20UbjepFGXagMKz9vlYCrwaYQXHppiIBJ_VgpMMdGvuZpnypiRNTicaTyDQJYtGrbOCLfo2LcwR6T5_V8ywiYzQ1Y&cid=CAASJeRoFDB6-Gond5xn8bkxDJusvZV_NcuLosy04GhADTNPUTlnEBc&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 2780 30 KB
12 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:20:27 GMT

GET
H3 200 h6.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 682 B
718 B 81ms
80ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 682
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 21 KB
4 KB 107ms
47ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

943bffe44175fda268b40ed3fecfcf77df13d166786504fa59f30567319d9a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:13 GMT
expires: Tue, 15 Aug 2023 16:21:13 GMT
last-modified: Tue, 10 May 2022 13:01:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FDAC 0
27 B 274ms
226ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8wCmRTU4liIrA8mToIXPuvFAqJsFQTNEHXNFN_vNVHjyWYe6_x5LOaNzimijumjNRNSq0pJ3DlVHOax7iOCD6XnsmqHfFo-Sja_QiRppYiF38cgRxrgHDD-pSkAaNyU0kiR9y5tTYH4nYmZSPvgheKBgoT8VxLIGg5L0D2PZNqU3Avt0du2_V2Vw-ESSVTwPDMeM_G-NbsTwFxZxcAZFCx8rDu5pjvenwyzd3ylx7m-PIyeC88C6-YbaJnOVsSKibRCcvE_oOMCOTyGo5EQ_Q9Ci8_0FZ8I3mxSabXa31n_GIqJA50RnimuesGSAMs0Uy5k4UQOugxO3uQeYnSNqgYfDHRtR1sQKKLhEUrtN4W9Eo0tFVagsRnaqTFcHb78eiEJ2fxzRPu-kwJ_D5XoKpIpMdmADXDxAjBA01IeVztnIsM01irVotF_WRfqzZcV_ILnSRtmCsEGGGHiy-4DU-8TmrElbm_hGS5hjXxTlHFoau2Ie03G7ZRwH2k0oqqS7Ln0AqZTN_waHBQ5-ub_53Nho7XmG2m_0QpIFdIEOSK98BeFuy76M5g9TNdMK2otuis372D9nyWC4swk2yEj4Zb0pJe9VgzAsKuayr0yet8xNUT9953oTxDl3LU0qJwi9Ni4gQSPfYxOPgbAScB1_wTexUYSp8oL7UWroPfoyHHamiyHxFRviE0B7PJt6q4W19HgWZnmaAX42nd1SFfl6w4s3aDxO0gRbE1VKpMx_SoBHPq70XKUMjcZLSGe2t1uXK3EX9XjHr6fFu2gaissKLP9x0ORkvuMlOXGu22M6W3lxH5EDnzLf3IocGBXpnXiUqqpTWdLOhn6JpTiVCB3AIEzHH_bZ8ftUZcK_nOkZKiwSHil9LVqftnPL0FVPuebXYL9m2lXT_zfgvQ0zploVYMNt_ZLSxAkLaF5LaASzvY5HL2X9iaNdD7UcezIAfwVj1y0tJyRi5iXeWBjwZYMNBLiWfxvFBNvCBMtUdb5SeNYRVayDgRczfOpQHJX2jeiriwZDlLiWsF3jBixBPsdPhzMAOgHCJxrdIPwZ6cSovomSYNj4ANROzocYLPsCwMs8PBf8vaO5SKe2ibrF-nynZIA4MGz_MQ6JUY03JYk_msJgpfzjIIdIuk7kbcl6ZpUbBbPMPOTL-ags9GyOd3j3V0ejyMNB85vJcKZIrXIZ3cIwcB0uUnS_YGDHOMERf-DepDYZRcefANcXASPw8JQTYCyQcoXjXGLKw7UMUS0XCu7a3F8rXy4P8&sai=AMfl-YT_j3fS1NX259371pAzESaMleNhK4sl906FM-m1uXb-vckaz-iMi2LwTCWtXpnyKJD0s49a9M7OVqkc2g52Uk_2k7m7TMwd9aVLIQ0vrkfxJY7ADH_5h8luKqTRwM1eh5_g_6yT0ywM4-GFIBAzH1fug5_NqQn34q35Hnf0JYxng1MuzR4n47NqO3Ixf6oYQCCyvae_sfLxS3QqFpGjUh-c&sig=Cg0ArKJSzAT6crb0hh2kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=104&cbvp=1&cstd=88&cisv=r20220810.41947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 16:21:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FDAC 41 KB
15 KB 83ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 652C 1 KB
749 B 78ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 17:20:54 GMT
etag: 48472445140208031
expires: Mon, 15 Aug 2022 17:20:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FDAC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 704d558db1216604ec86038cc7c4499b610dd6c5113f75bf8ea0620b31645d02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A0BE 42 B
64 B 94ms
75ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhfoFrBq0XH-fuF0cIO0DxZRWGtDbahJyjrk-n2ms1SSGL4y9F2CefC5SRlo5zqX6k_-QV8_fpzw9_kdhADOb_2elSRZm5g2iMWgGCOOafORFajwbNiZhU8_77xUIoFvsjdkoNq2ikivAT&sai=AMfl-YRVp1Ibjrg0GVJh7rtJahcJh0yzYiPTtgtzueZHJ7VcjsRgUmLMMN2cz6XHPoK7aZOwURlmuj3dcR17UupjRXRa4MOijJ62BtNgqIwk&sig=Cg0ArKJSzMs7ug3oYEvwEAE&cid=CAQSLQCsnQUxKsPepsC2eh55qwiXqV55w5mT-YMpebvnuIqC9_PGxKtr5LydXcQy9Q&id=ampim&o=315,423&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1014&mtos=0,0,0,1014,1014&tos=0,0,0,1014,0&tfs=562&tls=1576&g=100&h=100&tt=1576&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3293583545

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2780 41 KB
15 KB 56ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6763 1 KB
749 B 55ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 17:20:54 GMT
etag: 48472445140208031
expires: Mon, 15 Aug 2022 17:20:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 21 KB
4 KB 47ms
46ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0af374f8cbcb355cb1e9761a08c2d41400bf81b7f9ad176ef22871d31bc31ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:13 GMT
expires: Tue, 15 Aug 2023 16:21:13 GMT
last-modified: Wed, 18 May 2022 15:39:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2780 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bada252395d190c0be802b54935df22a2bbf63022c8652515f84afb0d00719d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2780 0
27 B 85ms
84ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6o_fhKnyCpvjH0VAIc8PkVkTxF2cMA57io_xZWSazjw1NA93E4_DVzbredsfURmKmTmtLIuKbaqMFKrc7dlZiFjVKpEEH9nBdwTOPfBssnIDbwY6xWwAHujHEuhLCk4EhkutIpjGHNUGlm-UJaqN58YI-gRd2FV4TCVAWEIs6AFy05HHDVGddub3hrG2WobIE8Ybyqm6RzZNoO5ZQy1jYmymwh_pZeqn2EC264qoREo2FmKW1KRIgkFHs9ra2P5dS8UhjtrnLAeUFfN5B_0nEnLxMppIB1XgfDJCwVh8CGK-XAgyrSavAfPNqke5CtkUABY4sDH5oH6CfjreeQTv2ucH24WUxrT_abl0BUu0Tswf7m-LfuVZDTN58TYAs9LAwy2jRutAvjeXu_6kJ57avCBVZegMgsE9PLPJo4LY6rnmP8m7jgdFQ1ZsU7q_DIwvZVw1golzPCs8vY1nZwStCTMC99sl6GmaTPhCtOQlErVNnd6Lv3XvhqZCC1VhBDaN4tHIZE7aoiSyi_xc_aAAhp4rVoGD5-3vAb63M-IstTr9l_TPaY1G3sJt5JNSQNNMJZ3khF8Da5I0JjZaXN0_sC-gWSEmdCVRtrHPGvg-Fwbd1ccvhxXu499n66givKkSepvCpSlqZ3BdQpd53Y_GpuPNgcIUMMKimD9NcyedGnkcMaWAgGXvy2OU6_4ToqCW2Zxx3TZJEEywuEdCaZAFT-aiWH8IS5kTcyF5fA9l1L0VJNI_zB1NEdepHxI3KAa_JV_UNFAbovfqfBuxEJaptkmwilyOBebGRwcRlZX4SMTt0w54gywCYLdy1HeawpoegqE_pTUKzzl2ay55NB-VYdaMhu0hkFbC4zxKu_DH1ge7sm7mdBKsVvyE_MOaIcEhzT9JryoNJ-tK5gwx9CTnA4qs49VWiYVSAwE5ksZNbn5f2A6geuc01qeHo5GIFbUHkXHAVWen0HQMFLbuRSgegHuC5lkF0MXkJpeL9rZE1-8BtrSOKt7QZsa8P-fKYTUGIA_XbB3b2m1rM8Kjbsi94gorzJBGYbYHmd6rO1K3Lmsaip08lvWZXePAeHg2k5fDaf7KmWjNXS6z3I0hk1WPCV1kTmAgxzEUMOB1eKI8OV2HpMGYY19JH9hZV9HDach39nnjvlQ2NgdUgLBrjrMNO0tC0JzUMqlD74OeQ9XqE6bX6S0sdRZs62aZ-lTMuLKrtBSJOkwK6ccwXEHry7a4ufOibCww49NHYk1GXeEpJbc6uP0SdUjg5&sai=AMfl-YQcxwochpOYf5TIAxD0vjenOwKPj3sRfyZRZ08yR7AA-RURqZ9mJ3XHO2kiBSaazu7XsV5LRDNaYjwSGHWvlHyOFUZNZOO5aaA-WdUe1PiusCD2ATuvEqkk3EjNxmIgzf8OAum73yRFq-nFbvqpPHZoNp6CEL71YIDBt6G47XQC_1WAoXeehhkXy8KjqQ7Pb_1IM_pJkleB68D6cvwZHAjt&sig=Cg0ArKJSzNl3e2woruc7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=169&cisv=r20220810.48069&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 16:21:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7882 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:11 GMT
expires: Tue, 15 Aug 2023 16:21:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hand.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 1 KB
1 KB 41ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/hand.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1491
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 5 KB
2 KB 42ms
42ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:28:14 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 1002 B
264 B 49ms
46ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:28:14 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 5 KB
1 KB 48ms
45ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca835533fc4836f0ceefea006b64fdf2ff220e4af8c7f35f9feb0578ef1a963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:28:14 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 6A04 118 KB
40 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 21:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 21:45:39 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6A04 57 KB
23 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 9 KB
4 KB 52ms
50ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:28:14 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 25 KB
10 KB 50ms
48ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:28:14 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 19 KB
3 KB 48ms
46ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757c6dc6f0497810e93559029b21701920c7d217ebdd2a276fa308bc53fa7765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2775
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:28:14 GMT

GET /
google2waycm.netmng.com/cm/ Frame 652C 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 652C 0
104 B 262ms
78ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEc41ZB7RU0pll9jWwpauMU&google_cver=1&google_push=AehlK4AI1KR6j8SPM7VR0Z5Equkwz6jhqvT5_dh79PlzZAEBtXT6A885kJ0lx1JVGKDwXQt5688wzPxfBz8pJmQlApXPwRt5IbnCTnKPpfiuWhMWuB_-RvEgzo-tGq_cRSqeeLwRRB90O5Y
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 652C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMAZ7j1UcQv5OsstBjxyrc8&google_cver=1&google_push=AehlK4CT4AytxBobc72yAMdX4IK5ZNGTxuU5Kgn2fu6SCMQu-Ydvlk0DhxUqj8MhDv4PLAYIj5I24F5oQ-e...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CT4AytxBobc72yAMdX4IK5ZNGTxuU5Kgn2fu6SCMQu-Ydvlk0DhxUqj8MhDv4PLAYIj5I24F5oQ-eZ2oBXGjfnW8tfMRtJeulyfZL0zTOo7mK7Yi75LRfNia4vQkA...

170 B
188 B

48ms
48ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CT4AytxBobc72yAMdX4IK5ZNGTxuU5Kgn2fu6SCMQu-Ydvlk0DhxUqj8MhDv4PLAYIj5I24F5oQ-eZ2oBXGjfnW8tfMRtJeulyfZL0zTOo7mK7Yi75LRfNia4vQkAv4Gayo23Wvqo&google_hm=YZdkwE7fR1GMOYx4e7P5WWk

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CT4AytxBobc72yAMdX4IK5ZNGTxuU5Kgn2fu6SCMQu-Ydvlk0DhxUqj8MhDv4PLAYIj5I24F5oQ-eZ2oBXGjfnW8tfMRtJeulyfZL0zTOo7mK7Yi75LRfNia4vQkAv4Gayo23Wvqo&google_hm=YZdkwE7fR1GMOYx4e7P5WWk
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 652C 0
173 B 144ms
45ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBjcXUp5NBiVL1AiBfgZebc&google_cver=1&google_push=AehlK4BKRsC3ej7POfBysRwCp0bIeRpoNg_dgLXWKKk0WVJ0E4tvegf0JVIN04mZXmHqm6XpfslW-N7Y9yM2d1Rogm62YjBKbeswcrhJ8UJyibjBFrps-oIEm9tHbuLM2QmAyxoevAfjvGs
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 652C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRgnkaDm...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRg...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MjA4NDkxMDE2NDMwNTg2NQ&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRgnka...

170 B
188 B

48ms
48ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MjA4NDkxMDE2NDMwNTg2NQ&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRgnkaDmi-VN4lx1k2CeqB8z2LSN3801pYw2TzxhWc84ReidhJ3tc_eNnKVsODqtyfBSG4gk

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MjA4NDkxMDE2NDMwNTg2NQ&google_push=AehlK4CxNkB7sdyTU5EU5AwSuhgjkSQkdsEaPETHpC4e4TvvXWQlgJA1Q9xmng8jc1KktzWFaRgnkaDmi-VN4lx1k2CeqB8z2LSN3801pYw2TzxhWc84ReidhJ3tc_eNnKVsODqtyfBSG4gk
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 652C
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDMDrWK7YJbPEv5cx7dnC24&google_cver=1&google_push=AehlK4A4PUq7hN4DLgtIx3lUj_x57eVmVucXKmIew-clxcX5os5LpLdTwtRaQsrlARBFC_vzUFc3Vvu5sOEp_0gH...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A4PUq7hN4DLgtIx3lUj_x57eVmVucXKmIew-clxcX5os5LpLdTwtRaQsrlARBFC_vzUFc3Vvu5sOEp_0gHwdF7gd8XKCOiyNxgiPP5zecWY0nQkUV13Sj20WJorbE2...

170 B
188 B

48ms
47ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A4PUq7hN4DLgtIx3lUj_x57eVmVucXKmIew-clxcX5os5LpLdTwtRaQsrlARBFC_vzUFc3Vvu5sOEp_0gHwdF7gd8XKCOiyNxgiPP5zecWY0nQkUV13Sj20WJorbE2bHqB12puMwc

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 16:21:13 GMT
via: 1.1 08fee972d33a4bc475aad82a2fc199cc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A4PUq7hN4DLgtIx3lUj_x57eVmVucXKmIew-clxcX5os5LpLdTwtRaQsrlARBFC_vzUFc3Vvu5sOEp_0gHwdF7gd8XKCOiyNxgiPP5zecWY0nQkUV13Sj20WJorbE2bHqB12puMwc
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: JGeDZmp2tVRFFJYq10pYkawyhQlqug6Pdm3o_HdyiMjSU6qXVl-CRA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 652C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH1PVZUx0L6gQhCKCobJs5Y&google_cver=1&google_push=AehlK4CPKn_me3FMOFokQGDovjxkeEqpgSw4oDOFIfsveChCQXuJwJEcrBCp97cRqFb_ngJ3nr...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QMDZfZmZORTJ1SFRnaWt0Y3ZpclY2SC5PZDZoMkh0cX5B&google_push=AehlK4CPKn_me3FMOFokQGDovjxkeEqpgSw4oDOFIfsveChCQXuJwJEcr...

170 B
188 B

63ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QMDZfZmZORTJ1SFRnaWt0Y3ZpclY2SC5PZDZoMkh0cX5B&google_push=AehlK4CPKn_me3FMOFokQGDovjxkeEqpgSw4oDOFIfsveChCQXuJwJEcrBCp97cRqFb_ngJ3nrkTqrE-A4mdacpK5EDA_zAo42n1cJOcyycvVI2uw1UiLZudKDEeLSbvJWUxmDV6WRw_dfX4wg

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QMDZfZmZORTJ1SFRnaWt0Y3ZpclY2SC5PZDZoMkh0cX5B&google_push=AehlK4CPKn_me3FMOFokQGDovjxkeEqpgSw4oDOFIfsveChCQXuJwJEcrBCp97cRqFb_ngJ3nrkTqrE-A4mdacpK5EDA_zAo42n1cJOcyycvVI2uw1UiLZudKDEeLSbvJWUxmDV6WRw_dfX4wg
date: Mon, 15 Aug 2022 16:21:13 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 652C 0
12 B 55ms
54ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqLJwtGuHarfPnW3bUy7Sj6duIVqnKoBnpzQjj9OZ7vpFT2009sjArOA344zlitxwq76QjfA

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FF95 22 KB
8 KB 46ms
46ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 342127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7950 22 KB
8 KB 47ms
47ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 342127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6763
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEchqt4S7Ac4wmXXT0nSfgc&google_cver=1&google_push=AehlK4CVexI1tAWMr3NOVbkC6VztvnX_sI7e_mkyx2srnzNhuYTnqpY2NYkG56oyCD08NPUHHApObiOPtmaawslUeGyuA4Xclw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYzNjE2MDgwMzgwNzYyOTI4MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEchqt4S7Ac4wmXXT0nSfgc&google_cver=1

43 B
398 B

204ms
42ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEchqt4S7Ac4wmXXT0nSfgc&google_cver=1
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEchqt4S7Ac4wmXXT0nSfgc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6763
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMAZ7j1UcQv5OsstBjxyrc8&google_cver=1&google_push=AehlK4ACnfiRMJzFnsKeMuR5WsjzM3JACzDkqft0OdexYFep3zDMef9xAWCl2tc2tr8sghUfOxkbb8D74-e...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4ACnfiRMJzFnsKeMuR5WsjzM3JACzDkqft0OdexYFep3zDMef9xAWCl2tc2tr8sghUfOxkbb8D74-ehMK2f-6KbJaGalg&google_hm=W1FrnKDwRcuhaHCkN5J372k

170 B
188 B

48ms
47ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4ACnfiRMJzFnsKeMuR5WsjzM3JACzDkqft0OdexYFep3zDMef9xAWCl2tc2tr8sghUfOxkbb8D74-ehMK2f-6KbJaGalg&google_hm=W1FrnKDwRcuhaHCkN5J372k

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4ACnfiRMJzFnsKeMuR5WsjzM3JACzDkqft0OdexYFep3zDMef9xAWCl2tc2tr8sghUfOxkbb8D74-ehMK2f-6KbJaGalg&google_hm=W1FrnKDwRcuhaHCkN5J372k
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6763 0
119 B 116ms
46ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBjcXUp5NBiVL1AiBfgZebc&google_cver=1&google_push=AehlK4DM5S1H_XzFA6inWJ0QKUeKAU7wQt5CNr8ev0wiAX9vlquGGopexEEwALnhI-Z7vSDNFhNmN5etZ-tALfqieHXgbVXGjg
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6763
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27fblOz...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH2fbEGEa5PZ6D5wvdwDUzk&google_cver=1&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNzcwOTY5ODQ1Njc5MzI0OA&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27fbl...

170 B
188 B

46ms
46ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNzcwOTY5ODQ1Njc5MzI0OA&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27fblOzO4DAdP-6VOuBPi1W-g

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzNzcwOTY5ODQ1Njc5MzI0OA&google_push=AehlK4DqN0zW88Q-Oln_JGtZRd1f0zdZxbqHer905kotpQWghgXD8dxj2mAR-tbPJYh3VSAXR27fblOzO4DAdP-6VOuBPi1W-g
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6763 43 B
351 B 150ms
47ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIDEoqD9Rd8F8C5qkFZdxG0&google_cver=1&google_push=AehlK4DqcvcOoGHiZZh8ZglFWSkrJOwLwIZINNqPhP1GkkpUvFR7QqVvdWln28CE_61lGCs57j-pXSh__RgS0aea2sbLPHa0
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 15co7f9miku6cucd0jgu5s9mibgjnmdn

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6763 0
166 B 199ms
45ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGX2zwpHmifxjy3R2aZOH3g&google_cver=1&google_push=AehlK4C83csajkXElqJH00iZi0xbKUa4uq-Ak0MFihv-I5ZLx5BPBUQZLK-L3-ziSZe5Ab05Nqx1ZCxtOxN6UfzAPc-zQWe5IA
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6763
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEObJXRCWWmDiShnrkuVl1vA&google_cver=1&google_push=AehlK4DaMJvmeBJ_XZI6Gggfz2ZayBABg8n0UPKpnB-EtiQrpwggo2ajilUN4xkx-V77CkkTLYh...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZVWVFLVVotMjEtN0xRTQ==&google_push=AehlK4DaMJvmeBJ_XZI6Gggfz2ZayBABg8n0UPKpnB-EtiQrpwggo2ajilUN4xkx-V77CkkTLYhCM-yRefnp_T7evDR60dl0TQ

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZVWVFLVVotMjEtN0xRTQ==&google_push=AehlK4DaMJvmeBJ_XZI6Gggfz2ZayBABg8n0UPKpnB-EtiQrpwggo2ajilUN4xkx-V77CkkTLYhCM-yRefnp_T7evDR60dl0TQ

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZVWVFLVVotMjEtN0xRTQ==&google_push=AehlK4DaMJvmeBJ_XZI6Gggfz2ZayBABg8n0UPKpnB-EtiQrpwggo2ajilUN4xkx-V77CkkTLYhCM-yRefnp_T7evDR60dl0TQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6763 0
12 B 46ms
45ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrBlOfv4Yehd04E8f1UxETil5tJmjomsHOGuleiba8XNksyOaXHc7IQCBihueFzZCyqapU

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 5 KB
2 KB 47ms
44ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:27:21 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 1002 B
264 B 46ms
42ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 08:45:34 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 6 KB
1 KB 50ms
47ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38d08cb91aebf6b33bb560d39265b174413c0112c64ad9a214cf9252336e266f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1256
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:27:21 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AAD1 118 KB
40 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:51:00 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AAD1 57 KB
23 KB 59ms
55ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 9 KB
4 KB 51ms
47ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:27:21 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 25 KB
10 KB 53ms
48ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2f9d442f2bdcfc85728dbe33d891a4e160d31a22e80811519cca5e4493ca00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10631
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:27:21 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 21 KB
3 KB 54ms
49ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b8e119aed83815ba6c2fa51e63f3760a1a6ecc0131a8b2a35b695c746ddf70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2922
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 20:27:21 GMT

GET
H3 200 introlog.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 3 KB
3 KB 55ms
42ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/introlog.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 411505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3529
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7882 22 KB
7 KB 55ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 11:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Aug 2023 11:21:40 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7882 26 KB
10 KB 144ms
50ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 8874
age: 24695
x-jsd-version: 1.13.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19137-FRA, cache-hhn4071-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mrlK5EDDRqpn8Uvd8y4%2BwQm8FArNap6Taxr8gxG7k6X8YwUon9G6cE7KKjEabF08UEgS1IpP%2F%2BuXPsO2QQD%2BXI6ve%2F9uLVAX6nMN%2FPl4icn9zdfLIskc2%2B3IiqC4%2Bc3ZJvDXRyaE5xnmpjgK%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73b3431988fc5c14-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7882 140 KB
43 KB 58ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame FF95 36 KB
14 KB 47ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7950 36 KB
14 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FDAC 0
26 B 77ms
76ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8wCmRTU4liIrA8mToIXPuvFAqJsFQTNEHXNFN_vNVHjyWYe6_x5LOaNzimijumjNRNSq0pJ3DlVHOax7iOCD6XnsmqHfFo-Sja_QiRppYiF38cgRxrgHDD-pSkAaNyU0kiR9y5tTYH4nYmZSPvgheKBgoT8VxLIGg5L0D2PZNqU3Avt0du2_V2Vw-ESSVTwPDMeM_G-NbsTwFxZxcAZFCx8rDu5pjvenwyzd3ylx7m-PIyeC88C6-YbaJnOVsSKibRCcvE_oOMCOTyGo5EQ_Q9Ci8_0FZ8I3mxSabXa31n_GIqJA50RnimuesGSAMs0Uy5k4UQOugxO3uQeYnSNqgYfDHRtR1sQKKLhEUrtN4W9Eo0tFVagsRnaqTFcHb78eiEJ2fxzRPu-kwJ_D5XoKpIpMdmADXDxAjBA01IeVztnIsM01irVotF_WRfqzZcV_ILnSRtmCsEGGGHiy-4DU-8TmrElbm_hGS5hjXxTlHFoau2Ie03G7ZRwH2k0oqqS7Ln0AqZTN_waHBQ5-ub_53Nho7XmG2m_0QpIFdIEOSK98BeFuy76M5g9TNdMK2otuis372D9nyWC4swk2yEj4Zb0pJe9VgzAsKuayr0yet8xNUT9953oTxDl3LU0qJwi9Ni4gQSPfYxOPgbAScB1_wTexUYSp8oL7UWroPfoyHHamiyHxFRviE0B7PJt6q4W19HgWZnmaAX42nd1SFfl6w4s3aDxO0gRbE1VKpMx_SoBHPq70XKUMjcZLSGe2t1uXK3EX9XjHr6fFu2gaissKLP9x0ORkvuMlOXGu22M6W3lxH5EDnzLf3IocGBXpnXiUqqpTWdLOhn6JpTiVCB3AIEzHH_bZ8ftUZcK_nOkZKiwSHil9LVqftnPL0FVPuebXYL9m2lXT_zfgvQ0zploVYMNt_ZLSxAkLaF5LaASzvY5HL2X9iaNdD7UcezIAfwVj1y0tJyRi5iXeWBjwZYMNBLiWfxvFBNvCBMtUdb5SeNYRVayDgRczfOpQHJX2jeiriwZDlLiWsF3jBixBPsdPhzMAOgHCJxrdIPwZ6cSovomSYNj4ANROzocYLPsCwMs8PBf8vaO5SKe2ibrF-nynZIA4MGz_MQ6JUY03JYk_msJgpfzjIIdIuk7kbcl6ZpUbBbPMPOTL-ags9GyOd3j3V0ejyMNB85vJcKZIrXIZ3cIwcB0uUnS_YGDHOMERf-DepDYZRcefANcXASPw8JQTYCyQcoXjXGLKw7UMUS0XCu7a3F8rXy4P8&sai=AMfl-YT_j3fS1NX259371pAzESaMleNhK4sl906FM-m1uXb-vckaz-iMi2LwTCWtXpnyKJD0s49a9M7OVqkc2g52Uk_2k7m7TMwd9aVLIQ0vrkfxJY7ADH_5h8luKqTRwM1eh5_g_6yT0ywM4-GFIBAzH1fug5_NqQn34q35Hnf0JYxng1MuzR4n47NqO3Ixf6oYQCCyvae_sfLxS3QqFpGjUh-c&sig=Cg0ArKJSzAT6crb0hh2kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=339&vt=11&dtpt=235&dett=3&cstd=88&cisv=r20220810.41947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6A04 7 KB
5 KB 83ms
82ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e1f996fadd7bb482eb624ba7b2c3d0c110326de722e60e74171822ca37a4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5571
x-xss-protection: 0

GET
H3 200 siegel.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame B1E6 5 KB
5 KB 40ms
40ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/siegel.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:08:04 GMT
x-content-type-options: nosniff
age: 101589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4943
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 12:08:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7882 0
0 79ms
74ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzQ68ldea-VCbVGi6Eauo2HKb4gt9q9Cyfd6qI0HgBjsC136mSp7--z78P0FZr5rMzhl76I2s9au6VrNcW0cp_WZtrJHfnCRiQpqo7MEqmbrOH8J_mZ4gmTVCDZPmFfHkJ8TpJJkMnFcTPlbR49b_OEEvyojDmX884-PVJtHgODMTPfo9C4514EH063pA01OjDMWcS5LzOaQHJnW9nhf809qO3kC1Bzwufjoq45iaWv0Axc537Gp6H_But1B5j9snaUYSdEUWa5YTwTzTevMPhMZnAhyvnXt4LuniL3zu-AokKK5M0E3hZarxR3bGAFh7idicwWTTlObSGT6HoAoArhxqrLOA&sai=AMfl-YR0voAPkTl6cU1QBXcVUi9NuHZatwZoSEmHz5tRX4kaIfVAE9WrE9Jzq4rk2FKH95cY3B5wN4pcAEZQhsNSCnE9JD9aamQG5JngUgpEnOjPEnuGkeKuugmrz3UaFA0&sig=Cg0ArKJSzPqjznmR_RwCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2780 0
26 B 77ms
76ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6o_fhKnyCpvjH0VAIc8PkVkTxF2cMA57io_xZWSazjw1NA93E4_DVzbredsfURmKmTmtLIuKbaqMFKrc7dlZiFjVKpEEH9nBdwTOPfBssnIDbwY6xWwAHujHEuhLCk4EhkutIpjGHNUGlm-UJaqN58YI-gRd2FV4TCVAWEIs6AFy05HHDVGddub3hrG2WobIE8Ybyqm6RzZNoO5ZQy1jYmymwh_pZeqn2EC264qoREo2FmKW1KRIgkFHs9ra2P5dS8UhjtrnLAeUFfN5B_0nEnLxMppIB1XgfDJCwVh8CGK-XAgyrSavAfPNqke5CtkUABY4sDH5oH6CfjreeQTv2ucH24WUxrT_abl0BUu0Tswf7m-LfuVZDTN58TYAs9LAwy2jRutAvjeXu_6kJ57avCBVZegMgsE9PLPJo4LY6rnmP8m7jgdFQ1ZsU7q_DIwvZVw1golzPCs8vY1nZwStCTMC99sl6GmaTPhCtOQlErVNnd6Lv3XvhqZCC1VhBDaN4tHIZE7aoiSyi_xc_aAAhp4rVoGD5-3vAb63M-IstTr9l_TPaY1G3sJt5JNSQNNMJZ3khF8Da5I0JjZaXN0_sC-gWSEmdCVRtrHPGvg-Fwbd1ccvhxXu499n66givKkSepvCpSlqZ3BdQpd53Y_GpuPNgcIUMMKimD9NcyedGnkcMaWAgGXvy2OU6_4ToqCW2Zxx3TZJEEywuEdCaZAFT-aiWH8IS5kTcyF5fA9l1L0VJNI_zB1NEdepHxI3KAa_JV_UNFAbovfqfBuxEJaptkmwilyOBebGRwcRlZX4SMTt0w54gywCYLdy1HeawpoegqE_pTUKzzl2ay55NB-VYdaMhu0hkFbC4zxKu_DH1ge7sm7mdBKsVvyE_MOaIcEhzT9JryoNJ-tK5gwx9CTnA4qs49VWiYVSAwE5ksZNbn5f2A6geuc01qeHo5GIFbUHkXHAVWen0HQMFLbuRSgegHuC5lkF0MXkJpeL9rZE1-8BtrSOKt7QZsa8P-fKYTUGIA_XbB3b2m1rM8Kjbsi94gorzJBGYbYHmd6rO1K3Lmsaip08lvWZXePAeHg2k5fDaf7KmWjNXS6z3I0hk1WPCV1kTmAgxzEUMOB1eKI8OV2HpMGYY19JH9hZV9HDach39nnjvlQ2NgdUgLBrjrMNO0tC0JzUMqlD74OeQ9XqE6bX6S0sdRZs62aZ-lTMuLKrtBSJOkwK6ccwXEHry7a4ufOibCww49NHYk1GXeEpJbc6uP0SdUjg5&sai=AMfl-YQcxwochpOYf5TIAxD0vjenOwKPj3sRfyZRZ08yR7AA-RURqZ9mJ3XHO2kiBSaazu7XsV5LRDNaYjwSGHWvlHyOFUZNZOO5aaA-WdUe1PiusCD2ATuvEqkk3EjNxmIgzf8OAum73yRFq-nFbvqpPHZoNp6CEL71YIDBt6G47XQC_1WAoXeehhkXy8KjqQ7Pb_1IM_pJkleB68D6cvwZHAjt&sig=Cg0ArKJSzNl3e2woruc7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=366&vt=11&dtpt=192&dett=3&cstd=169&cisv=r20220810.48069&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6A04 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/ Frame 6A04 651 B
680 B 38ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/skyblue.png_1650378740125_skyblue.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c60e3aa73627a9fa0a352e64d12c004924052cc0fbe4b45ee08fd831447fef07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 08:01:06 GMT
x-content-type-options: nosniff
age: 202807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 08:01:06 GMT

GET
H3 200 Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/ Frame 6A04 7 KB
7 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daa2101a8136cc4ea1e6ebf6f6064808dd5018045a821b7061ca6e7462aa68db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 08:02:31 GMT
x-content-type-options: nosniff
age: 202722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6716
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 08:02:31 GMT

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 6A04 91 B
124 B 42ms
41ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 202869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 08:00:04 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 6A04 7 KB
7 KB 41ms
40ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon1.png_1650378740125_icon1.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:52:31 GMT
x-content-type-options: nosniff
age: 257322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 16:52:31 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 6A04 6 KB
6 KB 40ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:07:30 GMT
x-content-type-options: nosniff
age: 360823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:07:30 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 6A04 6 KB
6 KB 41ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:07:30 GMT
x-content-type-options: nosniff
age: 360823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:07:30 GMT

GET
H3 200 274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/ Frame 6A04 12 KB
12 KB 42ms
41ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41d60face1b293297c046e0486070665b3b27a0225510b272064c31c278e628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:45:03 GMT
x-content-type-options: nosniff
age: 459370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12016
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 08:45:03 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 6A04 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=6Mdwj10NUS&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:07:30 GMT
x-content-type-options: nosniff
age: 360823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:07:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AAD1 7 KB
6 KB 78ms
78ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90e1b20d594cc9f7e35aa6a1065d4523af23cf94acc7017798b5b34152e58e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5691
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7882 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e317a38df40a2d94a089c9e2d3b2789e21b5c2123abf4e6ac5b32089d177df8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7882 0
0 74ms
73ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTw24_vGLQ6pyV-IHebQMsiO61NWBPqSGQ9XtNfDhxlFD11fPVNq9zXUxGB_TYRHy86qbFTGEdPU1ZffCRsulgO2I19b7356Ga_ujMXxG8fBWwIvq9YIB5S7_ZW3EDHZ03Y7EkX7vyruD91NUwd036P-8wIlilr8LMBmsQoAsZfm67C4xwyVpTVK1zp_FYLme-ngMdabw8boWZnunZ_51KlDu_vf4GCcqGBNW8l3JBcFU2cOwMD5HqE33_X_C8L_W4-fvtp70uNElAEX0SWLU6fy7KKUGYgYn7tn0Z6qfzDpdwC_cXxYPujkzpicAKPejmahFcdLo3MuoHqOW7nxLJhgpIpouxvA&sai=AMfl-YT9TXKE2JdZZRMnjNZMLf9jc9-wP9JAJJOwhIXks_L6h4iC9XySAqZ8J5n8YXu0Lsc0GuwB0IFmkpvNAWPWWjVpAw6Lol_DrpziG__foIVxirM5sUzRu_KGZwHuzLw&sig=Cg0ArKJSzO4LGsyO4lr-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 15 Aug 2022 16:21:13 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 171ms
84ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:14 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Aug 2022 16:21:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 100A 273 B
170 B 62ms
61ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiaw_fOATAB&v=APEucNX4dhCESK7F_BUKgdcZFRnrq9BLHkFOrQBBy1E_H7uc57eLnokOfE_yGeUXguAtKLS18RiJ5SWbUQxaEq8lIulSJeynKAAMeLObJRndj8fE6N-7ZElyGiYhVvazXZJp0adSLfRJMrW7ew74WxP7_3FeQ6EQgT5LjFnT1-dZX8HPX3haNqul67V8eVszswe3yQ4B1eQzZUtehkS3OqfpvbRDEYkK4NlUl0Ym8u1j8upRn8sk2ks

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 52D4 83 KB
34 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGFIh0ya8Evi9dLSraPAsm2JPaJzj_ncQkU0i-HWLBqh0k4QI-QNjuIvs4SxAq6BjB-bXJyHKfj8SHzn-D_NhugNpxeAnQVmo0J2f6TnlS92tunsFRB7QpmaJQaaCRnLdOdZz-s8jAtDyNC2VaBIagUC6wyg&dbm_d=AKAmf-BS1Rs0hph92U4BbfrXY74xpAM9uetLLY3JB9SkK5gq8wsE_Tk4e_eKRfNULd9bIGAY9XF_I3o_2tbt8pz_sR1IudcMvD1wKHS3v7bicEQdmQppNM99HoNktX-LjJ0Oa_j7GluZXjlfgB4t46mVQX5ncmGr5k8pZjYaXMwZMgXHeP24kxEDAJEjXxoEVYr3pNrzz9wYO8hQJNSR6sPecXycM_tUnAoNRav90lAPUMpEsP1iclU0Zqwr2az55DLpC6Tc3kKl3Asr7BoXaWKqOxVhngq7sglT4SQ46Cn0pyytuzkQw5athK2j1AH31oKXM9VzMcsvLrOCkAixsy56bmuT5rVoUwNZdjVWAtJduYndc7bupOu8gB3TET8TAQuU6VtVOcV6huqLn05jFb_jwTdQV4TeyVFXB9qQJxAcDfY_kb9xOic9w1a3JgjQgy0uqQNlN5KNTVlbuDnpl390_X3EUOpz9IP2YkDecuN4qVl-jJFdMYcLfRk7HbwyveZsSnDDLCjRoS61qqwMhZ3HSAFT6b5Li6LuEaZxiCk3xjHEy43CN830-GoPGYEe5SySTUX2PQO2M7NeXnJB_H_A5lTMJK877Kq-JysN7AYPOX4GK02nt2_hziZUF5tJK9wlAChPwDt-HbCyiQqd2LW3IHrJwADj-Jh4WIbW66pH_YTkvxXxvjxZwKy5a__mKqbuD8VVa0spSWqfPUTdjpsjz0MhAPnlpj_CpYtabkFq2ThvMMhvzxWqC2ayqpGBg8Bgvkbnjmh3jzF-tnIoSfHvBcHVvmzrbtLqqZtNflG171qzT_Gm3BDFvpxSfQbmeeqMF6dAJ7yyVlEwCRTsgSE5sJJla2shc-L8o9XbaKq7fc72L7GgRFuSrs9ZE79geAWFJUO0Y6lAxOPO-Nyc8Q1H6ZS-2MEUVBQAaKosdiLE2OwEXMEs1erMrHE4vAaMmBXFxzF32QdgZLiVmmqhGtkKQW4H8hcV99uAcVfQbroxt-shvwV01zwon02a_ju8V49brMKzzTl1Ww3V2hJW2ZzUeXur89VIUELGa4N1K_sBhZqQhPBfaNw7_Avo_W8OHZW1p9A4sqNU-JtzVG9_xRhhof7n81qke9qn7VmyhmE5dqsyWFU01y_Vj2JjswPAGtRcHTpPWlu9FAOGXiACsWS_xpA_CnSstVULBWfS0uhONuoBnRMafFmAMYqZ7YPSDt-dmj0MqWILA3r5JchR1nvLGLcle_zZGODdt8MygNU-itsXp7EYqdeuOjJeffk6eC4W1qhHadI_3CUoWDnHeN_Rl1tLdV8m3bbXN5OG_cutyF-8MSMxNaSZBkIXzvT1Gep_kVY0WxcVX7sJmVb3hea9-K4w7tUaa9j5nJyldlIEOwruWyxxRioI3xyhhfrfepWiaMMdb156FTf6khT8xv6NFXmMFUgrnOxXn7P3QBf5t-HTb_zFii7RJrxS6sCaRHd-1kW13eytjAA6rlVRzkkipX65kesR1ZZVBjk1dVgzFxXOGANQDBxpd3ICtjQdbXbDMHKNx3jA-k_5LEOrV9CpRfrbgpT6tgh3sUCt_5v3eeYZCa46uieV0nRYuMXXkT1wsyq0chREWKvN0zHpmbyr0j69FVQi7u--MsxCY4kugAdsIcDYx9XfR7NUVqwtPTpP3Zbp-T-SL5eJthU6UyisqEUVfK4ljmZERWRo75faMww9jkZe9Vfnedh3DwSFJgShjsK2V_gBAKWB9vSWgYw2lX-VYB_sg5IQkdPMLjQDFGWh_4zVw-a8w8AtorCi9LUwYNsKEGUeBK03_u6O6UdtRJUxq8Sh8oeR1wTVt9N3cghYgfJN6ac3QqmXZj_emgRaV_CLxU-TKFsz9MNEOE9l3ZzJ5o4K-cERL3IaXn9WyBErDbY0nKvMsPihVav-hzwwsRrIh-hwE3m6v5U_p4qGCQqR1-ZIj9jqWwTv8pEX2rpvPG2TWZJ_W8PBun7EepJrpB-IWvnD3CUrvHTScIHzh0yrlw7Q2o2IU3k3soBuYHIuVqHv7yV3VRh6mq0iWDJ3OuvcBKVgtHDiZh5OwYFeqn6v_UdoyBoxkYcESjmfEWrqHydbcMTPcF0YU5hZwWlXbIxEm8JbtLC7euRYklTZ3vAY2lEMe2fNoS13lZhn-SvTCz2587RD6kYmgNcGaZG8FbY0BcF2JTftJ9gWWUmX-LwPbtJIq_Wam7gKVZzJ50C4wni3eoAY-5ZHmEDg4IUJL7xKfVf9zmbtxYo1EmzImRH0WB53u74eQWCdCs5iLQ0xxhP1K7ogNAeuQdYs_zAivmesKCGSmqO_u2vBggIg97HWz5oXItWS3isdhWSLE3YAJOnaNEdd0fSdkK1mephpbx2HRfydLIrUBNYqYm_Q5wrcKH0Hz4H7td181bwzmjtG_g_jxQiWcSx-wjucs2erMrq_2PWR5sd0j2zF8-WAz0fc-c662k1CeAOTA_CXV1OG9UEKvlpLaLHgHfJkpEkDsls1ldjOOtQ6jZP-0NvzqR0VZ_rKZQIk_yiKXLLdtZG1RxjpLU_0Q65mgUJv4ZaKYVYohIjB5axdnMXmM4oLzSviM5EYoRhMwaftSCvauHzlDUadrzSccuCCRUXyVj94yvQbdg-9MO6h1mGMTSr7dG12znopXvLPTLC2KPwJy-17dTgzheW1XEMcn-xcekT68KuUgzNHkMHZAXiSuamFRRPRYTLFXWb615IFnvd_8roZO-cSTsAiHIYs_zB4J6awb5-Nmgp-vKTpe3NCf353AF2hoV2p_6KedykNgFYkaOc4hqmTyeq3maUlQVh8j6wkrlMepK5L1N5ZeXo1ukVjvAeOqezs3BxJHzeBkBq7l5zmfgigYYdBE5JfpqcRkzF85AJe3Un3TVuRvLfd3zMSIN3RG8o8y8iMd9QKcUtpCVT1MWu9V7dmBTgn8tKJjNJYDQihc1Aaa742PEV1eP67_1K5PusaLng6Vzl8XnTZTL-l20lKyLrm2eLXZ6Sf0IdYYO3SyZtQN0RdPgJ3oiHxl6B4vJ0DZSBAfIle8HTWa99DrW-qCJYhKQZNZ7CmLSmwTanFBZuKGUstBdq7OkYEKQjydAjLgf19B4gKj54m5qRlIgmDVMRcmbMQxqOyDySMFFOeADU-ZNnFIX1oskNrBPAiWAk5MtOh83XgJHdaO6uQXYBV1x1gYl95rxSBfa-2zMKoQv6SbHTR3bJlZGPJ909uR5iE_0AqE1dLPwAzqSkyyXmH1DWhe7PZKTmMWTmqJUidvo9wZeXMG7vLJBuH87Wwf5kWDBAYdFbqBCL1bFkAvH97UqCbD9V6jOSzW3zZvXw8MaIuPRkfhZkyqmeSW7frQOtE3qinRK3MzRaHLfgYWW_spsDTJ59BAe7Q85oWSDnV1CTYg30kW9dUfIxq8BWJfmb4RD-Iex46xLYAuiGYeBOJ9_BUyPZaUyJKUg3CkhzuzhVS&cid=CAASEuRokTCKlM7TDXFSO41uTy9EEQ&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4bd7c4698b184c28b8c407a835ad2cbe2de9d2a9341af32d6fa8dcf1c4eb94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34633
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 52D4 85 KB
29 KB 163ms
37ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:21:14 GMT
Content-Encoding: gzip
Age: 14887363
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21929-LGA, cache-hhn4080-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1660580474.114642,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 980508, 1275626

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 52D4 0
813 B 166ms
47ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fkooora4lives.net%252Fhome5%252F&e=wqT_3QLpC_BM6QUAAAMA1gAFAQj55OmXBhCWiOqZ1vqhrFIY_aP9t7Dw38BBKjYJthMlIZG24z8RW-rF9ZTB4D8ZAAAAIFyPCEAhW-rF9ZTB4D8pthMJJNAxAAAAoHA92j8w1K_PDDiFa0C8CUhlUKzK7rEBWPjynwFgAGjuyMMBeACAAQGKAQNVU0SSAQEG8GWYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCov8D4ALW-VzqAh9odHRwczovL2tvb29yYTRsaXZlcy5uZXQvaG9tZTUvgAMAiAMBkAMAmAMXoAMBqgO-BwqHB2gNNUBhZHguZy5kb3VibGVjbGljawU69NkEcGFnZWFkL2Fkdmlldz9haT1DRGJsVGVYTDZZcHZKQnVHT2p1d1AydnU0OEEyRW5ZT3BhX1NDNk9fYUVQZ3VFQUVnNXBmV0pXQ1Z1dkdCa0FlZ0FkejRxcnNDeUFFSnFRSjFhRzZBZ0IyeFBxZ0RBY2dEbXdTcUJKY0NUOUFMNmszSnU4ZFNNSUJrRnJxQ082T1VIYnE4RjhyTndxZFJrV19lQTZyNHVNZTV5OEI5QnR3SVBSdUc3SkYzUDdpdVIyWnBNN0lac1VDcUdsRnctdmhsNC1yLWplUVQ1bm9aOEZoeDNxSmtTb1lJaG9Ka19uTC1JbTdvQTR2QXZCWG5wYklHeVo4U2MySjJ5WWJHdjdlXzM1V0REMFM0MGNxUlE4RXk3YWR0LWEwWXR1ajlBOFktd1plam5IQ0lwLVJWX3lzWVR5ZE9uTTJQbTQzX0FMMHVhUkFlRkFLX3JyRXA2QU5hNEZSRjhlcTRaU1cyUGRScGZxWDV1ZWx1UG1GYmJnaHhMR0k0UXZyQkl5QWNSeDBsdEM4V2FGd0dBRFRoVHNLMlVId1Z2NEFkcVJ5RW0zenM3c0RVQ2FEQ1dtMG9LQjZEd3lKS3JOVjVZWXZxWGMzLWFPS2JpaTA1Z0JLbnFzUFJZdlJ3aHE4LTFVN013QVR0NjltVi1nUGdCQU9JQmZTMDZPOF9rZ1VHQ0JzUUF4Z0JrZ1VMQ0NJUUF4Z0JTTkstdlFHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCa3lBQjR5SDFjUUJxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1EwY2dQR0pyRDk4NEIwZ2dSQ0lEaGdCQVFBUmdmTWdLcUFqb0NnRUR5Q0E1aWFXUmtaWEl0TmpJek1UazBOb0FLQk1nTEFiQVRsLV9fRDhnVGlQU1U0QVBZRXdxSUZBVFlGQUhRRlFHQUZ3R3lGd2dLQmdnQUVnQVlBQSZzaWdoPUxBM2pCT2tFMVJZJnVhY2hfbT1bVUFDSF0mY2lkPUNBQVNFdVJva1RDS2xNN1REWEZTTzQxdVR5OUVFUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM1OTMzNjQxODU5NjIzMTkxNTc0IgkzNzMwMDc2NjAqBzU2MTM5MzE6CTQzMzk3MTYxMMADrALIAwDYA5bNygHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASsyu6xAYgFAZgFAKAFz-qBoe6P38VbwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAOAFAfAFg6FQ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsGLAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ1OTI4MzA4ugcPCAAQABgAIAAwADjEBkAAyAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfHa4oIAhAAlQgAAIA_mAgB&s=9a4d6c26596261088905c31f8c6d1c7316c982c7

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:14 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0214d9ad-b086-474b-87eb-783df3255d6e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52D4 42 B
63 B 72ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3f2eqO6oqWa4O-3ZcMQN6bwkA0-u5niKZ_Xf9ERwz8UTID-YM9ivC5ulCpxoBZwmBNnN4c58C3w0ZIiBXwuJ-Ij-rETlUbqTifZJoVKLaK3TcEcU

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame FDAC
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_eXL6Yu...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

83ms
76ms

Script
application/javascript

2600:9000:214f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 18:33:36 GMT
content-encoding: gzip
age: 424059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 10 Aug 2022 18:33:31 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: DQfL4mKoLNW9EgAZKVigi2Be2tj2DgAs
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: Is8dz5g_tezAU4ph1RfqoYdmynZoi0-swNudk5iSy2tL1C5AfL_1rQ==

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 9750 80 KB
21 KB 161ms
43ms Script
application/javascript 2600:9000:214f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 7890401
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: fKNekqiWLxttIy3M9ggnn8bcry_60fwFKbz9ZUEb3sF67sGezcfHNQ==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 2780
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/62195778/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_eXL6Yv...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

64ms
64ms

Script
application/javascript

2600:9000:214f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 18:33:36 GMT
content-encoding: gzip
age: 424059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 10 Aug 2022 18:33:31 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: DQfL4mKoLNW9EgAZKVigi2Be2tj2DgAs
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 11kSwGBESLJ7mlhLnGcpawmqD23zGk7tXvtho-y3NwIMBHCiRUQIgg==

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame A11E 80 KB
21 KB 145ms
72ms Script
application/javascript 2600:9000:214f:200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 7890401
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: aKqS5qregldy-dhUIr5hOgmiaKYn9mQuCkAmS14WbvuHP3yzcDLT7A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FDAC 43 B
215 B 654ms
191ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=ee7166a1-4244-dd23-9113-7d259932b5cc&tv=%7Bc:lnrOtG,pingTime:-3,time:115,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FDAC 43 B
215 B 834ms
375ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=ee7166a1-4244-dd23-9113-7d259932b5cc&tv=%7Bc:lnrOtI,pingTime:-6,time:117,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:kooora4lives.net*&br=c
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AAD1 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:14 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2780 43 B
215 B 619ms
190ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=638df6c4-3347-ba60-233c-d1ac2f0f8f4a&tv=%7Bc:lnrOue,pingTime:-3,time:104,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2780 43 B
216 B 615ms
189ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=638df6c4-3347-ba60-233c-d1ac2f0f8f4a&tv=%7Bc:lnrOug,pingTime:-6,time:106,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:kooora4lives.net*&br=c
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame AAD1 91 B
124 B 41ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 202870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 08:00:04 GMT

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d69cf9236724d422baf3/original/ Frame AAD1 359 B
392 B 44ms
41ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d69cf9236724d422baf3/original/skyblue.png_1650378740125_skyblue.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70e21f986e952c4c99ddbb0226df11b3de722b1050153a767451b5c3239d27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:46:50 GMT
x-content-type-options: nosniff
age: 362064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 11:46:50 GMT

GET
H3 200 Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62751761d8cd7e6485d590e4/original/ Frame AAD1 17 KB
17 KB 43ms
40ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62751761d8cd7e6485d590e4/original/Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854519d07d155c90609264652626944b998fdf68a153e9a5b8c44173d401329e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:47:01 GMT
x-content-type-options: nosniff
age: 362053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17679
x-xss-protection: 0
last-modified: Tue, 17 May 2022 09:00:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 11:47:01 GMT

GET
H3 200 vector.png_1650378740125_vector.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d621f92367dc9122b2bb/original/ Frame AAD1 1 KB
1 KB 46ms
43ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d621f92367dc9122b2bb/original/vector.png_1650378740125_vector.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78d707e764332efe4a8d928a8726b495449073194bf4b9ca22856f08d5cafb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:46:50 GMT
x-content-type-options: nosniff
age: 362064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1472
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 11:46:50 GMT

GET
H3 200 gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d64af92367802122b412/original/ Frame AAD1 3 KB
3 KB 44ms
41ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d64af92367802122b412/original/gradient.png_1650378740125_gradient.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f039a988d1611052fd690332adcf2199c47eebcc77fe9926a084a2e316216d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:46:50 GMT
x-content-type-options: nosniff
age: 362064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3076
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 11:46:50 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame AAD1 7 KB
7 KB 48ms
45ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/icon1.png_1650378740125_icon1.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:46:50 GMT
x-content-type-options: nosniff
age: 362064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 11:46:50 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame AAD1 6 KB
6 KB 46ms
43ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:45:02 GMT
x-content-type-options: nosniff
age: 459372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 08:45:02 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame AAD1 6 KB
6 KB 46ms
44ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:46:50 GMT
x-content-type-options: nosniff
age: 362064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 11:46:50 GMT

GET
H3 200 logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame AAD1 3 KB
3 KB 45ms
43ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:45:08 GMT
x-content-type-options: nosniff
age: 459366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 08:45:08 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame AAD1 2 KB
2 KB 46ms
44ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=he14n1Tfon&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 08:00:09 GMT
x-content-type-options: nosniff
age: 202865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 08:00:09 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FDAC 43 B
215 B 595ms
190ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=ee7166a1-4244-dd23-9113-7d259932b5cc&tv=%7Bc:lnrOuC,pingTime:-2,time:173,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:746,beZ:747,mfA:749,cmA:750,inA:750,inZ:754,prA:754,prZ:763,si:768,poA:769,poZ:789,cmZ:789,mfZ:789,loA:863,loZ:866,ltA:918,ltZ:918%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:173,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1b.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:148,readyFired:true%7D&br=c
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 100A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJnTjK_KlTrLBkEvOutGKII&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJnTjK_KlTrLBkEvOutGKII&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=1fdbb36f87c9a0bec7dbe8fb42290c19&uid=1fdbb36f87c9a0bec7dbe8fb42290...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1

70 B
265 B

174ms
56ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiaw_fOATAB&v=APEucNX4dhCESK7F_BUKgdcZFRnrq9BLHkFOrQBBy1E_H7uc57eLnokOfE_yGeUXguAtKLS18RiJ5SWbUQxaEq8lIulSJeynKAAMeLObJRndj8fE6N-7ZElyGiYhVvazXZJp0adSLfRJMrW7ew74WxP7_3FeQ6EQgT5LjFnT1-dZX8HPX3haNqul67V8eVszswe3yQ4B1eQzZUtehkS3OqfpvbRDEYkK4NlUl0Ym8u1j8upRn8sk2ks
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:14 GMT
Last-Modified: Mon, 15 Aug 2022 16:21:14 GMT
Server: nginx
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H3

200

sync
ad.sxp.smartclip.net/ Frame 100A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOrMe0IcW0yRmZZ4E32wTUI&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOrMe0IcW0yRmZZ4E32wTUI&google_cver=1&ang_testid=1

42 B
60 B

125ms
40ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOrMe0IcW0yRmZZ4E32wTUI&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiaw_fOATAB&v=APEucNX4dhCESK7F_BUKgdcZFRnrq9BLHkFOrQBBy1E_H7uc57eLnokOfE_yGeUXguAtKLS18RiJ5SWbUQxaEq8lIulSJeynKAAMeLObJRndj8fE6N-7ZElyGiYhVvazXZJp0adSLfRJMrW7ew74WxP7_3FeQ6EQgT5LjFnT1-dZX8HPX3haNqul67V8eVszswe3yQ4B1eQzZUtehkS3OqfpvbRDEYkK4NlUl0Ym8u1j8upRn8sk2ks
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:14 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 15 Aug 2022 16:21:14 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOrMe0IcW0yRmZZ4E32wTUI&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2780 43 B
215 B 768ms
374ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=638df6c4-3347-ba60-233c-d1ac2f0f8f4a&tv=%7Bc:lnrOuN,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:786,beZ:787,mfA:790,cmA:791,inA:792,inZ:795,prA:795,prZ:803,si:808,poA:809,poZ:829,cmZ:829,mfZ:829,loA:891,loZ:894,ltA:925,ltZ:925%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B131~0%5D,as:%5B131~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:116,readyFired:true%7D&br=c
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 52D4 106 KB
37 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 52D4 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGFIh0ya8Evi9dLSraPAsm2JPaJzj_ncQkU0i-HWLBqh0k4QI-QNjuIvs4SxAq6BjB-bXJyHKfj8SHzn-D_NhugNpxeAnQVmo0J2f6TnlS92tunsFRB7QpmaJQaaCRnLdOdZz-s8jAtDyNC2VaBIagUC6wyg&dbm_d=AKAmf-BS1Rs0hph92U4BbfrXY74xpAM9uetLLY3JB9SkK5gq8wsE_Tk4e_eKRfNULd9bIGAY9XF_I3o_2tbt8pz_sR1IudcMvD1wKHS3v7bicEQdmQppNM99HoNktX-LjJ0Oa_j7GluZXjlfgB4t46mVQX5ncmGr5k8pZjYaXMwZMgXHeP24kxEDAJEjXxoEVYr3pNrzz9wYO8hQJNSR6sPecXycM_tUnAoNRav90lAPUMpEsP1iclU0Zqwr2az55DLpC6Tc3kKl3Asr7BoXaWKqOxVhngq7sglT4SQ46Cn0pyytuzkQw5athK2j1AH31oKXM9VzMcsvLrOCkAixsy56bmuT5rVoUwNZdjVWAtJduYndc7bupOu8gB3TET8TAQuU6VtVOcV6huqLn05jFb_jwTdQV4TeyVFXB9qQJxAcDfY_kb9xOic9w1a3JgjQgy0uqQNlN5KNTVlbuDnpl390_X3EUOpz9IP2YkDecuN4qVl-jJFdMYcLfRk7HbwyveZsSnDDLCjRoS61qqwMhZ3HSAFT6b5Li6LuEaZxiCk3xjHEy43CN830-GoPGYEe5SySTUX2PQO2M7NeXnJB_H_A5lTMJK877Kq-JysN7AYPOX4GK02nt2_hziZUF5tJK9wlAChPwDt-HbCyiQqd2LW3IHrJwADj-Jh4WIbW66pH_YTkvxXxvjxZwKy5a__mKqbuD8VVa0spSWqfPUTdjpsjz0MhAPnlpj_CpYtabkFq2ThvMMhvzxWqC2ayqpGBg8Bgvkbnjmh3jzF-tnIoSfHvBcHVvmzrbtLqqZtNflG171qzT_Gm3BDFvpxSfQbmeeqMF6dAJ7yyVlEwCRTsgSE5sJJla2shc-L8o9XbaKq7fc72L7GgRFuSrs9ZE79geAWFJUO0Y6lAxOPO-Nyc8Q1H6ZS-2MEUVBQAaKosdiLE2OwEXMEs1erMrHE4vAaMmBXFxzF32QdgZLiVmmqhGtkKQW4H8hcV99uAcVfQbroxt-shvwV01zwon02a_ju8V49brMKzzTl1Ww3V2hJW2ZzUeXur89VIUELGa4N1K_sBhZqQhPBfaNw7_Avo_W8OHZW1p9A4sqNU-JtzVG9_xRhhof7n81qke9qn7VmyhmE5dqsyWFU01y_Vj2JjswPAGtRcHTpPWlu9FAOGXiACsWS_xpA_CnSstVULBWfS0uhONuoBnRMafFmAMYqZ7YPSDt-dmj0MqWILA3r5JchR1nvLGLcle_zZGODdt8MygNU-itsXp7EYqdeuOjJeffk6eC4W1qhHadI_3CUoWDnHeN_Rl1tLdV8m3bbXN5OG_cutyF-8MSMxNaSZBkIXzvT1Gep_kVY0WxcVX7sJmVb3hea9-K4w7tUaa9j5nJyldlIEOwruWyxxRioI3xyhhfrfepWiaMMdb156FTf6khT8xv6NFXmMFUgrnOxXn7P3QBf5t-HTb_zFii7RJrxS6sCaRHd-1kW13eytjAA6rlVRzkkipX65kesR1ZZVBjk1dVgzFxXOGANQDBxpd3ICtjQdbXbDMHKNx3jA-k_5LEOrV9CpRfrbgpT6tgh3sUCt_5v3eeYZCa46uieV0nRYuMXXkT1wsyq0chREWKvN0zHpmbyr0j69FVQi7u--MsxCY4kugAdsIcDYx9XfR7NUVqwtPTpP3Zbp-T-SL5eJthU6UyisqEUVfK4ljmZERWRo75faMww9jkZe9Vfnedh3DwSFJgShjsK2V_gBAKWB9vSWgYw2lX-VYB_sg5IQkdPMLjQDFGWh_4zVw-a8w8AtorCi9LUwYNsKEGUeBK03_u6O6UdtRJUxq8Sh8oeR1wTVt9N3cghYgfJN6ac3QqmXZj_emgRaV_CLxU-TKFsz9MNEOE9l3ZzJ5o4K-cERL3IaXn9WyBErDbY0nKvMsPihVav-hzwwsRrIh-hwE3m6v5U_p4qGCQqR1-ZIj9jqWwTv8pEX2rpvPG2TWZJ_W8PBun7EepJrpB-IWvnD3CUrvHTScIHzh0yrlw7Q2o2IU3k3soBuYHIuVqHv7yV3VRh6mq0iWDJ3OuvcBKVgtHDiZh5OwYFeqn6v_UdoyBoxkYcESjmfEWrqHydbcMTPcF0YU5hZwWlXbIxEm8JbtLC7euRYklTZ3vAY2lEMe2fNoS13lZhn-SvTCz2587RD6kYmgNcGaZG8FbY0BcF2JTftJ9gWWUmX-LwPbtJIq_Wam7gKVZzJ50C4wni3eoAY-5ZHmEDg4IUJL7xKfVf9zmbtxYo1EmzImRH0WB53u74eQWCdCs5iLQ0xxhP1K7ogNAeuQdYs_zAivmesKCGSmqO_u2vBggIg97HWz5oXItWS3isdhWSLE3YAJOnaNEdd0fSdkK1mephpbx2HRfydLIrUBNYqYm_Q5wrcKH0Hz4H7td181bwzmjtG_g_jxQiWcSx-wjucs2erMrq_2PWR5sd0j2zF8-WAz0fc-c662k1CeAOTA_CXV1OG9UEKvlpLaLHgHfJkpEkDsls1ldjOOtQ6jZP-0NvzqR0VZ_rKZQIk_yiKXLLdtZG1RxjpLU_0Q65mgUJv4ZaKYVYohIjB5axdnMXmM4oLzSviM5EYoRhMwaftSCvauHzlDUadrzSccuCCRUXyVj94yvQbdg-9MO6h1mGMTSr7dG12znopXvLPTLC2KPwJy-17dTgzheW1XEMcn-xcekT68KuUgzNHkMHZAXiSuamFRRPRYTLFXWb615IFnvd_8roZO-cSTsAiHIYs_zB4J6awb5-Nmgp-vKTpe3NCf353AF2hoV2p_6KedykNgFYkaOc4hqmTyeq3maUlQVh8j6wkrlMepK5L1N5ZeXo1ukVjvAeOqezs3BxJHzeBkBq7l5zmfgigYYdBE5JfpqcRkzF85AJe3Un3TVuRvLfd3zMSIN3RG8o8y8iMd9QKcUtpCVT1MWu9V7dmBTgn8tKJjNJYDQihc1Aaa742PEV1eP67_1K5PusaLng6Vzl8XnTZTL-l20lKyLrm2eLXZ6Sf0IdYYO3SyZtQN0RdPgJ3oiHxl6B4vJ0DZSBAfIle8HTWa99DrW-qCJYhKQZNZ7CmLSmwTanFBZuKGUstBdq7OkYEKQjydAjLgf19B4gKj54m5qRlIgmDVMRcmbMQxqOyDySMFFOeADU-ZNnFIX1oskNrBPAiWAk5MtOh83XgJHdaO6uQXYBV1x1gYl95rxSBfa-2zMKoQv6SbHTR3bJlZGPJ909uR5iE_0AqE1dLPwAzqSkyyXmH1DWhe7PZKTmMWTmqJUidvo9wZeXMG7vLJBuH87Wwf5kWDBAYdFbqBCL1bFkAvH97UqCbD9V6jOSzW3zZvXw8MaIuPRkfhZkyqmeSW7frQOtE3qinRK3MzRaHLfgYWW_spsDTJ59BAe7Q85oWSDnV1CTYg30kW9dUfIxq8BWJfmb4RD-Iex46xLYAuiGYeBOJ9_BUyPZaUyJKUg3CkhzuzhVS&cid=CAASEuRokTCKlM7TDXFSO41uTy9EEQ&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:13:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 52D4 30 KB
12 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 16:20:27 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame EBE3 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FD5E 15 KB
6 KB 143ms
49ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora4lives.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:21:13 GMT
server-processing-duration-in-ticks: 2421
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 171ms
83ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:14 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Aug 2022 16:21:14 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EDE 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 52D4 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9562 52 KB
17 KB 176ms
40ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13701&pub_id=2164617
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 15 Aug 2022 16:21:14 GMT
ETag: "623de86a-cf34"
Expires: Tue, 16 Aug 2022 16:21:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 52D4 0
813 B 55ms
55ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&e=wqT_3QKqBPBMKgIAAAMA1gAFAQj55OmXBhCWiOqZ1vqhrFIY_aP9t7Dw38BBKjYJthMlIZG24z8RW-rF9ZTB4D8ZAAAAIFyPCEAhW-rF9ZTB4D8pthMJJNAxAAAAoHA92j8w1K_PDDiFa0C8CUhlUKzK7rEBWPjynwFgAGjuyMMBeACAAQGKAQNVU0SSAQEG9CoBmAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAqL_A-AC1vlc6gIfaHR0cHM6Ly9rb29vcmE0bGl2ZXMubmV0L2hvbWU1L4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA5bNygHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASsyu6xAYgFAZgFAKAFz-qBoe6P38VbwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAOAFAfAFg6FQ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsGLAdoGFgoQAAAAAAAAAAAJPaAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ1OTI4MzA4ugcPCAUoPCAAMAA4xAZAAMgHANIHDQkuRAAM2gcGCAUlZOAHAOoHAggA8AfHa4oIAhAAlQgAAIA_mAgB&s=405ea4ed6b8c14238c046df4dab9a10f64f1fa0b&bdref=https%3A%2F%2Fkooora4lives.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fkooora4lives.net%2F,https%3A%2F%2Fb779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html,https%3A%2F%2Fb779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:14 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7d8b8ad8-56a2-44f3-a04d-9a0b4944f10e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52D4 140 KB
43 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:21:14 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/ Frame D0B8 6 KB
2 KB 39ms
39ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c9e00c63d5280db7c8e314d141bb05a872c2c195e3cd3523e8a4691a6b7205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 411501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2317
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 22:02:53 GMT
expires: Thu, 10 Aug 2023 22:02:53 GMT
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 52D4 0
26 B 75ms
75ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRhEeVM-94EHxHjgfs8cHrToHCE6gbPUWhoun6t4rEAyrhWELjyUUhEIZ2EPRmCWNE6zUuZpsk02V3oyxNYfIr_MLFE1DU1F9sR-tttf0c2nsEUrv-3wMBot28H-Ra4SyEOLmissErHYOBJbnShSC3-VCWK23SjScuhFHsmo7yoJIQPcj6dNE7v7i6zYt7f4ZRzJg75AX6g-ue&sai=AMfl-YQw3kG4711nbg1o28NaR3jTmIuz8_TGmXIRRJ0cz8Z7bt-BUk-pxAZx3kwPYi_NO67jbsw64nY0GGGtU93Hfl7RFyeaHhgB43g12O028BxGX4i_W9RNvySidMlTrg&sig=Cg0ArKJSzKHeja3YZXM6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&cbvp=1&cstd=119&cisv=r20220810.59452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDAC 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=eXL6YuiPFdmm9u8PpI-ygAQ&p=ias&bl=0&twt=857&st=577

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF95 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BloWmeXL6YuiPFdmm9u8PpI-ygAQAAAAAOAHgBAI&bg=!JCelJ2PNAAa4hXTbmIU7ACkAdvg8WiggazatD-W8S4F7i5BTfQ_-5aNBZXBn7g6oL6O9DHZHifk1yQIAAAGZUgAAAAJoAQeZAz4hisgPaejqu9s8UdSZwW24tRs2dgLw--sHUbfJf8PSqsZAf6a_2mjd9jvJyHBmGOsXVC-uLs-L_vqkFqBkbI76-jJNNS_bMXIduKn6QnO0lxuS_vApN3DBOca0SrXMQsE-GHT5D_yLr26gBJw9aD_X3tn2yo111cdY4aWgZb2NMP64g0Kk8ScPWUF7d-g-BNJl1zvs9Zwo32GxbEcN5hKwkxfQE2tZcAhjCuQfeZN7f13NAXrMBMc6pzc3NPE_CRPtSmiX4CV8Yk57eMSFqf6I9WlUoI4GZpzKvoM00I6bxe1GZEtJd6mo0XS8gIupCUxuNKPaLa0KhXWk-jBGsbs-ic_QIWsqAPNZsA3yjZIf4Zl2tcmFCGp9DaEa22lL6l6YKEYH0hpvxRp7SNoc6x3l9lRBNJp-Ac2TosTwP8MFPLKehWF2ibwDl1EaB6DovmUhdi0sXE_E6J-HMRgR0RTGz82mWcF5a0w5gBZ_tgWYnhyfMFkqE6u9EHra8MczUxNwU46YN9zk_Qik6ro8ygrhV7o7QNJAYVuXlDqpPC7KC0kk4NXKtxEAAoFx_FG7mHRG_OV8bGUlrnz2COE4sSbj7GTRedV-ds7yMbqDzoI9mWRCr69fXwwqubuPVKp1TaKfnXvKM-WEgk9XT0AeWdGDbScXpw3LYHyh2lfXg7U7zb9mbrwL92RY_nUA3CcnB6qAyiOhB9_g49g_jN1RjRV_AZyJX0OD1K3XAFPa2Ztz4zR_hjg5V933Msi0y9De5oNujuYVu6YSyzAsqf79nYUZB4X60I0Glr-8G7xcJcaIp9DuOmvq7A0k-xMC39lCC6lcE4we543zkbF5vN0i1aM1yhR3Q6YfWfAkOuvOjPvE16SSOf6Y66aCcMiiSkgl5TsUqb0MBmymGKN7b0FWnN9tfb9razxQRmfAJ6Oc2Tdrbl45xD65SN26HMpsi0BuyGhSNUSOSoE2vNX6R_NH-kIL1Dxg6a-Nfc_ntsReBtRtY_1QNPWhhefx3Q1Z2fZOF3x-rTtzTB4mnN9ubtovI_Gcrbpx5Ij536fCk19naRf00_fiAjxu-AteKDcyG_vwPq5zTqd9z7hLQ9amnVUxgQ

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7950 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtqFLeXL6Yv2wFdmm9u8PpI-ygAQAAAAAOAHgBAI&bg=!xMelx4PNAAa4hXTbmIU7ACkAdvg8WkLC_-sBhY8KVUR-6UYUFAtTqjpHIUCqfBW-bio3wyBKGLu-DQIAAAGeUgAAAAJoAQeZAz_9kf2U6i0ao75AYj651hWdmCXToeY_V2y4BB9PkBssQewmuBQ6CoL46zPJoA4TdkIYyfNkgRbQ0CWqsYtmOIAij0e729KNark1TdyHrvZQz15-j6vie_1mwoTsMwHtbRIezDjkxRYZOFxh7-HMQte4WKMnBuCOaAMWa2eMTMrzvNBgVt7Oec73GHzQumA60k2SDVVwphOC_VucO7HVzJViwysk6gTvnR4Kp3I857_P-WJcvGUF9Jldq1Oj4OjcE9d0ZkhVuBK1_SkAzT0mN0YZ_GdSZlh949xpr4a218SV5gyC-HhA_5zu_GXS-diUuLbuNusk-m2N0pDdLejPKvi-KqmBbcC0yjsCTopYEvKKTTlynlMP13DCY8CMWaMLCHjqeT7wLrI_IQrB78iZ36GicBXAxxDg6kac3lpzqIMADVl5wqDL1tqjGJQxoE16cWH-XvLdgvMr3TfFHd8A-AK7APEDUiZN2WONfMADZNW7oKW64qkS3KUjaA9GouVBoIO9YzOt2WlZpP2-E-PIPMPye-g0ija7bOt9Ws9DOdD-V6LBXpVhBi_PjyKtAxgZE4YB8Q4jpdNT6kVotVDTR4gMiPSNEQlHmXpRbgfrLcrAU64Y7Dy7ws-Tth-Wtac_Dxgmiu6AgXzpEzs-U-38q4-t6jPheeg_C7fF2ra_-JIfrwaglhPntW0b-85fXeXhY6qJ_Q7FHKegjSF-JPL0RB4NI2SFlAx8h7VQJKrAMgKttwOsyI5J_7kLljaJoWybmlhU6p8ReSEcG2LYoGkoXKsYozEgtbVsAhk-VXTlJ4_rdUw-jlqyOFh1A80SQEUdtxJcUEamdRt_AWkNtoSsDCnAT5IQJ4XLQ8WsaruQGTvIH7JQzj1xNE3qTblehUmhwu1ox7FNRH7t9ZNiXyVObmUwN4R-n0kYr66VNm4si6gU6ADzQOiOohsS5YIDERrqcT3prgjNJxKTkQ9vtg4yS7JkXaXho1J9akaddtz0WDWiCH9a1xd4MP3-uS_jAOv1hyoCnEfYS42RqstvVt1IPEw5McbWyEZN6lRW1qCaIMq4XkXnd5bEjkuq9ir7Zu2pLSFNP5DoxJZM9tP6dtQiS3c

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 52D4 0
884 B 43ms
43ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&e=wqT_3QLpC_BM6QUAAAMA1gAFAQj55OmXBhCWiOqZ1vqhrFIY_aP9t7Dw38BBKjYJthMlIZG24z8RW-rF9ZTB4D8ZAAAAIFyPCEAhW-rF9ZTB4D8pthMJJNAxAAAAoHA92j8w1K_PDDiFa0C8CUhlUKzK7rEBWPjynwFgAGjuyMMBeACAAQGKAQNVU0SSAQEG8GWYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCov8D4ALW-VzqAh9odHRwczovL2tvb29yYTRsaXZlcy5uZXQvaG9tZTUvgAMAiAMBkAMAmAMXoAMBqgO-BwqHB2gNNUBhZHguZy5kb3VibGVjbGljawU69NkEcGFnZWFkL2Fkdmlldz9haT1DRGJsVGVYTDZZcHZKQnVHT2p1d1AydnU0OEEyRW5ZT3BhX1NDNk9fYUVQZ3VFQUVnNXBmV0pXQ1Z1dkdCa0FlZ0FkejRxcnNDeUFFSnFRSjFhRzZBZ0IyeFBxZ0RBY2dEbXdTcUJKY0NUOUFMNmszSnU4ZFNNSUJrRnJxQ082T1VIYnE4RjhyTndxZFJrV19lQTZyNHVNZTV5OEI5QnR3SVBSdUc3SkYzUDdpdVIyWnBNN0lac1VDcUdsRnctdmhsNC1yLWplUVQ1bm9aOEZoeDNxSmtTb1lJaG9Ka19uTC1JbTdvQTR2QXZCWG5wYklHeVo4U2MySjJ5WWJHdjdlXzM1V0REMFM0MGNxUlE4RXk3YWR0LWEwWXR1ajlBOFktd1plam5IQ0lwLVJWX3lzWVR5ZE9uTTJQbTQzX0FMMHVhUkFlRkFLX3JyRXA2QU5hNEZSRjhlcTRaU1cyUGRScGZxWDV1ZWx1UG1GYmJnaHhMR0k0UXZyQkl5QWNSeDBsdEM4V2FGd0dBRFRoVHNLMlVId1Z2NEFkcVJ5RW0zenM3c0RVQ2FEQ1dtMG9LQjZEd3lKS3JOVjVZWXZxWGMzLWFPS2JpaTA1Z0JLbnFzUFJZdlJ3aHE4LTFVN013QVR0NjltVi1nUGdCQU9JQmZTMDZPOF9rZ1VHQ0JzUUF4Z0JrZ1VMQ0NJUUF4Z0JTTkstdlFHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCa3lBQjR5SDFjUUJxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1EwY2dQR0pyRDk4NEIwZ2dSQ0lEaGdCQVFBUmdmTWdLcUFqb0NnRUR5Q0E1aWFXUmtaWEl0TmpJek1UazBOb0FLQk1nTEFiQVRsLV9fRDhnVGlQU1U0QVBZRXdxSUZBVFlGQUhRRlFHQUZ3R3lGd2dLQmdnQUVnQVlBQSZzaWdoPUxBM2pCT2tFMVJZJnVhY2hfbT1bVUFDSF0mY2lkPUNBQVNFdVJva1RDS2xNN1REWEZTTzQxdVR5OUVFUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM1OTMzNjQxODU5NjIzMTkxNTc0IgkzNzMwMDc2NjAqBzU2MTM5MzE6CTQzMzk3MTYxMMADrALIAwDYA5bNygHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASsyu6xAYgFAZgFAKAFz-qBoe6P38VbwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAOAFAfAFg6FQ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsGLAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ1OTI4MzA4ugcPCAAQABgAIAAwADjEBkAAyAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfHa4oIAhAAlQgAAIA_mAgB&s=9a4d6c26596261088905c31f8c6d1c7316c982c7&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4245710831203508933&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26466260&sw=1600&sh=1200&pw=300&ph=604&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:14 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fb4172a2-8c25-40fb-9856-b1ccc9922308
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D0B8 236 KB
63 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 16:21:14 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/ Frame D0B8 20 KB
4 KB 38ms
37ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7268a700c3f464c73d9c6aba81c5fb3820bb9938e610191cdadf32fc538b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411501
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3965
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:53 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6023 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 342128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame FD5E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=KoVH8nwzTlVGbjhHaEpRSHNWZ2ZDcTNUNktnVlcxWEw4ZERiemZtV1lNaEVua25uNXdkcDJ2VjB5UHp3aVJwUzh5RDFQczFOWklxUXdXNExHanpTNjZDZTVSVk04Um5rbnlxdGMzdW43QzJyT3U4MUtOZ0tEVjErVWpWZn...

446 B
647 B

183ms
45ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KoVH8nwzTlVGbjhHaEpRSHNWZ2ZDcTNUNktnVlcxWEw4ZERiemZtV1lNaEVua25uNXdkcDJ2VjB5UHp3aVJwUzh5RDFQczFOWklxUXdXNExHanpTNjZDZTVSVk04Um5rbnlxdGMzdW43QzJyT3U4MUtOZ0tEVjErVWpWZnFSaXU0S0hqQURSQ2xQajBDS1NYS0x5VC9URWRjY0d0OXBmS1N4cG16TnNhdnFsbk5lSUFYdWkxeFUwOHlhY01SbDBNVXRTMDdVWmNUNW45VnBKR2cyZTdQaW9BdUZ3Z05JaDc4M044OEl5a0VGcnMyL2JXZnBsNTJuRmNVbUNKS3NXWC8xYjVCcEFkK05TeDFoRVZDV0JnK1Q1blFYUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ac711b778a5abd8556b9c3e019f7aba0ecbb8dbf6359b80a380e5902600db010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6631
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:13 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=KoVH8nwzTlVGbjhHaEpRSHNWZ2ZDcTNUNktnVlcxWEw4ZERiemZtV1lNaEVua25uNXdkcDJ2VjB5UHp3aVJwUzh5RDFQczFOWklxUXdXNExHanpTNjZDZTVSVk04Um5rbnlxdGMzdW43QzJyT3U4MUtOZ0tEVjErVWpWZnFSaXU0S0hqQURSQ2xQajBDS1NYS0x5VC9URWRjY0d0OXBmS1N4cG16TnNhdnFsbk5lSUFYdWkxeFUwOHlhY01SbDBNVXRTMDdVWmNUNW45VnBKR2cyZTdQaW9BdUZ3Z05JaDc4M044OEl5a0VGcnMyL2JXZnBsNTJuRmNVbUNKS3NXWC8xYjVCcEFkK05TeDFoRVZDV0JnK1Q1blFYUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1564
content-length: 541
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9562 0
741 B 49ms
48ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13701&pub_id=2164617&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13701&pub_id=2164617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:14 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e3e6b6c9-09fc-4761-9a4c-fbb0a380d8e7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 bgrd.jpg
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 16 KB
17 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/bgrd.jpg

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2c5878199aaf317f562842f70102d6de20ea01b1649d909a9d4c46ce3624de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16877
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 52D4 0
26 B 76ms
75ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRhEeVM-94EHxHjgfs8cHrToHCE6gbPUWhoun6t4rEAyrhWELjyUUhEIZ2EPRmCWNE6zUuZpsk02V3oyxNYfIr_MLFE1DU1F9sR-tttf0c2nsEUrv-3wMBot28H-Ra4SyEOLmissErHYOBJbnShSC3-VCWK23SjScuhFHsmo7yoJIQPcj6dNE7v7i6zYt7f4ZRzJg75AX6g-ue&sai=AMfl-YQw3kG4711nbg1o28NaR3jTmIuz8_TGmXIRRJ0cz8Z7bt-BUk-pxAZx3kwPYi_NO67jbsw64nY0GGGtU93Hfl7RFyeaHhgB43g12O028BxGX4i_W9RNvySidMlTrg&sig=Cg0ArKJSzKHeja3YZXM6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=362&vt=11&dtpt=241&dett=3&cstd=119&cisv=r20220810.59452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: kooora4lives.net
URL: https://kooora4lives.net/home5/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 16:21:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6023 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 14:19:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FDAC 43 B
215 B 342ms
342ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=ee7166a1-4244-dd23-9113-7d259932b5cc&tv=%7Bc:lnrOBE,pingTime:-10,time:609,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660580474590%7C%7C78632426fd7d79a00193e02aad0b8b0c%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C28b32439cc937d14ea0dd367926bd478%7C%7C1d75e489b58ebbbe6443217773b89121%7C%7C214c342847ec7b8afbbc142eb7fd525f%7C%7C7d2c2358230342ee40147bb815667f10%7C%7Cf4b9f4a4029f63e5c088ebaecb76a735%7C%7C1629390669%7D
Requested by: Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 blade.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 3 KB
3 KB 38ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/blade.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29430e7d487201eae25a31b467892c2fa65e1e333cc91bc3e022e396ade4068d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2890
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 200 btn.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/btn.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8419d5a3d70d79fa0696485c288dd2463ed67b894131f3a66a03ec70fb7d1c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 200 bubble.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 25 KB
25 KB 39ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/bubble.png

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aef570f7199d6f79c59ac72aea69925a6ae257f2f6bc04de3d011c8e6f4502ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25527
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6023 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxoUSenL6Ys4H09zv9Q-oqbrIDAAAAAA4AeAEAg&bg=!h4SlhMDNAAa4hXTbmIU7ACkAdvg8Wsnu77PMjQ9Kx6TAIq1po5b3dfCmjJhssthuvmriyIAxknAFuQIAAABfUgAAAANoAQeZA4p64a4n5RTkJzFomsshgViZe6-eARLzUtLQC05U0DdbDMfT5kuOKm0vqrs7-4n_7irHhfLQw0vshj4eJbVdBV41ZAvLJ198FHlsfxGDfWR5f0gOC4gQS_j6Emq2_5Dz0gZM9-1XBaW-vFEvO1fYDDfS-3iZsFfYs5j686ip4g6hsBbb16Fq2eZMkHIXtIvQcJmkmk28XWEKCwL5yw2RBsjPULq1-ltSko6RzqR0O4OdlZ-VIDibi2OZtGqWh6fImwhxMyFlLzevpAyUF8VJ28GeFg1Ib7eD9UjGEptKxVo2xs8qZDkZEZE_QU2SNAt9JeXZ-v0AxYoMnN3hEW1NVKz6aBXUVRX6PBjxfeoIHFLnFFiWqwP9D9LHCJ2Pi3OSXkzRdTHOqN-powFLSBTAjvUKJ9srHo7ZJE6F3qOlb42ExYAzfjOCbGmOUlpc9rE5QqcUASHwjFK4tGtak-2Ggk9h15VXAvYkzyjEcFlxRTXgjc1hM8eMIyL4rLB2W-O4nFKtQxHBJZsbpLS_obHm6n_N7IaOBWr7TxpLEX8NlcQEP9kqUvPzlP-e3CYJpEHzKjLPTcqerYG6vRyVFe6R8QU_O4lh8hP-e32mz3zRP_8ybc0-_J-UKySDZpATzz1lD1cyJ9oXwRW8d-mNwetGXIl_dx_zwV0Y_xZ3donIAAL3AqBuKGiYnmSsyl6DxZjucmSTS8OhluFk2fFKyRxwOx5AT0dXZ-hWKgMt6NyzX4rLd0aVjmW5ilChjaRPWrEqcAHR1S06HGzbtkyUhusZvGsB6l1y7ZIq8EKcC4JLFD4BpVbIs5X4rUU5qhTZm1iNM7uRW3xx3IxRIDlJuamis5syvHIoAI3j-ns-xpu717s4Uy_jupNuWYzrqwqltc4ptUmP5azcNiVa8vF4_JMy1ITds4YLjdMqZk29bHUqWdbEZYf7Lhm3i62SgLvMzJWdnedjAwISAlCYTSK0vj_qNoJcPG1Cni2mQQZ3vhCiI7OQ0cJtJMxTXNsWg5u-DN4wlEsqeojDs4pJ2ykzl1aUV0K33fqzk_AB0rIipIJBO0vW0uZ9PruKJ4t2WQGFgxijf9StxUhB_Hdp9yYT3QGKNOiRzqyMe_2ES3po29pzokH1Y-pLWL4cnfvv7do0TysEFC_a0chmilyZaNnPaYow-MwlyUjq7g7X4e4rMeGdJutx_hO4aV_k7kmbolg

Requested by

Host: b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
URL: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dieter.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 31 KB
31 KB 38ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/dieter.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d34fa00070f2bd5c8fda1cb19b82cda756edd7c174c59255afe65360e6a5e489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31869
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 2 KB
2 KB 38ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/h1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24dd3bb029e63d66f4cb08a5bfc8e2b1eb0d7e0ca33df82f2b5c708ae2b189a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1636
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 922 B
964 B 37ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/h2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0c84b50c3aeabd0aa6eda94c5bf1f914476d4cafb8e959b9b33b59c31839a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 922
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 972 B
1018 B 37ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/h3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb50c7836002d9800d898fc436fae8d07e5f92d9946517aa8f2d9b172c491cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:47 GMT
x-content-type-options: nosniff
age: 411507
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 972
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:47 GMT

GET
H3 200 h4.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 1 KB
1 KB 38ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/h4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91629c3651a376b4721adeb0037851a7826513db51dfbeefa1cc868c538074fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1300
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 200 h5.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 800 B
842 B 38ms
37ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/h5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32391ed06d57de4a424e3802813b808b74b0bd661b6d9c0893e334897216ae15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 800
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2780 43 B
215 B 189ms
189ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=638df6c4-3347-ba60-233c-d1ac2f0f8f4a&tv=%7Bc:lnrOHJ,time:941,type:e,im:%7Bpci:%7Btdr:895%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:941,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B933~0%5D,as:%5B933~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:772,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:15 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FDAC 43 B
215 B 190ms
190ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=ee7166a1-4244-dd23-9113-7d259932b5cc&tv=%7Bc:lnrOHK,time:987,type:e,im:%7Bpci:%7Btdr:942%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:987,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B981~0%5D,as:%5B981~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:349,fm:teB4rdX+11%7C12%7C13%7C1411%7C1412%7C14131%7C1511%7C16%7C1711%7C1712%7C1713%7C18%7C191%7C1921%7C193%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a41%7C1b.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b41%7C1c11,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:15 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 h6.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 841 B
883 B 39ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/h6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6fc149fe314b6036ea3cdc3377abd4b08fdfe1b0c988d62f3d022abc6a33c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 841
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2780 43 B
215 B 193ms
191ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=638df6c4-3347-ba60-233c-d1ac2f0f8f4a&tv=%7Bc:lnrOI7,pingTime:-10,time:965,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660580474590%7C%7C78632426fd7d79a00193e02aad0b8b0c%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C28b32439cc937d14ea0dd367926bd478%7C%7C1d75e489b58ebbbe6443217773b89121%7C%7C214c342847ec7b8afbbc142eb7fd525f%7C%7C7d2c2358230342ee40147bb815667f10%7C%7Cf4b9f4a4029f63e5c088ebaecb76a735%7C%7C1629390669,sca:%7Bspg:ee7166a1-4244-dd23-9113-7d259932b5cc%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:15 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 siegel.png
s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/ Frame D0B8 7 KB
7 KB 39ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/images/siegel.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8510512b36c22bdaa1623d62bb328b8f6482ff6071e7d74ff0d71d622927c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418223286921461760/freenet_202207_mobilfunk_Stroeer_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:54 GMT
x-content-type-options: nosniff
age: 411501
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7235
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7882 42 B
64 B 83ms
73ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5jm0uGTIeWwMxgo6ti09a3Q4i8yPSKk6CAco8qCsmvHeBnYjPKTmBDrfykNmxImTf4yo8ZU13tewiBW_RTVTiyom4SMoMHu7PkUC-IWxZR0Q_EH0d&sig=Cg0ArKJSzKnvljLEk7ZGEAE&id=lidar2&mcvt=1000&p=601,1594,1201,1894&mtos=0,952,1000,1083,1083&tos=0,952,48,83,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&vu=1&app=0&itpl=19&adk=715658818&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660580473650&rpt=301&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
227 B 210ms
98ms XHR
text/plain 185.83.71.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.66 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://kooora4lives.net
Date: Mon, 15 Aug 2022 16:21:15 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 145ms
48ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kooora4lives.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 15 Aug 2022 16:21:14 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1257
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=ZO0r4nxzV20yaC81d1FtNXgvY1JNT1orbmZCcVhlbXk2OG9nc1NKYjM4bjVSVDBrbXZvdFFXTFZWbVdMMVJmKys3WmhOdENpN2p6VHdoQTQybmVMN1NXeWdLYTVIOGt3ZmJ2MEJ1TUR6M3pPVWVyZEg0alhDbTNDdDljZE...

436 B
682 B

45ms
44ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZO0r4nxzV20yaC81d1FtNXgvY1JNT1orbmZCcVhlbXk2OG9nc1NKYjM4bjVSVDBrbXZvdFFXTFZWbVdMMVJmKys3WmhOdENpN2p6VHdoQTQybmVMN1NXeWdLYTVIOGt3ZmJ2MEJ1TUR6M3pPVWVyZEg0alhDbTNDdDljZERiKzNZYW1UcGoweDgxY3piK0dHM2Fxb1BPc1FVdkxISnVXTE0yam1GdXVuUVl1dHNQaStEaEZFL21WSU1rSWJwRFBnSVZid0d4SnVrQ2dNUUwveGp0WHgxYTRyS1czL3RkOEpWRm5KN2R6RXgzSUlqa20xa3MwMlNqTnp1S0l1am1oOFExK29ldzdqa1VxMHdBNkdxZS9xY0FKNnR5dz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f49786e33f248047f77982a79239affbb90c325eec128e98703a0d79c65efe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora4lives.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:15 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3931
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:15 GMT
location: https://mug.criteo.com/sid?cpp=ZO0r4nxzV20yaC81d1FtNXgvY1JNT1orbmZCcVhlbXk2OG9nc1NKYjM4bjVSVDBrbXZvdFFXTFZWbVdMMVJmKys3WmhOdENpN2p6VHdoQTQybmVMN1NXeWdLYTVIOGt3ZmJ2MEJ1TUR6M3pPVWVyZEg0alhDbTNDdDljZERiKzNZYW1UcGoweDgxY3piK0dHM2Fxb1BPc1FVdkxISnVXTE0yam1GdXVuUVl1dHNQaStEaEZFL21WSU1rSWJwRFBnSVZid0d4SnVrQ2dNUUwveGp0WHgxYTRyS1czL3RkOEpWRm5KN2R6RXgzSUlqa20xa3MwMlNqTnp1S0l1am1oOFExK29ldzdqa1VxMHdBNkdxZS9xY0FKNnR5dz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://kooora4lives.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1552
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
623 B 134ms
39ms XHR
application/json 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.68 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216657.ip-141-95-98.eu

Software

Resource Hash

f807db93d3acda15fc5f410c804c304a56d969c8a3a194f0901f0c11778fea11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora4lives.net
date: Mon, 15 Aug 2022 16:21:15 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 52D4 0
0 76ms
75ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CDblTeXL6YpvJBuGOjuwP2vu48A2EnYOpa_SC6O_aEPguEAEg5pfWJWCVuvGBkAegAdz4qrsCyAEJqQJ1aG6AgB2xPqgDAcgDmwSqBJcCT9AL6k3Ju8dSMIBkFrqCO6OUHbq8F8rNwqdRkW_eA6r4uMe5y8B9BtwIPRuG7JF3P7iuR2ZpM7IZsUCqGlFw-vhl4-r-jeQT5noZ8Fhx3qJkSoYIhoJk_nL-Im7oA4vAvBXnpbIGyZ8Sc2J2yYbGv7e_35WDD0S40cqRQ8Ey7adt-a0Ytuj9A8Y-wZejnHCIp-RV_ysYTydOnM2Pm43_AL0uaRAeFAK_rrEp6ANa4FRF8eq4ZSW2PdRpfqX5ueluPmFbbghxLGI4QvrBIyAcRx0ltC8WaFwGADThTsK2UHwVv4AdqRyEm3zs7sDUCaDCWm0oKB6DwyJKrNV5YYvqXc3-aOKbii05gBKnqsPRYvRwhq8-1U7MwATt69mV-gPgBAOIBfS06O8_kgUGCBsQAxgBkgULCCIQAxgBSNK-vQGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBkyAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ0cgPGJrD984B0ggRCIDhgBAQARgfMgKqAjoCgEDyCA5iaWRkZXItNjIzMTk0NoAKBMgLAbATl-__D8gTiPSU4APYEwqIFATYFAHQFQGAFwGyFwgKBggAEgAYAA&sigh=LA3jBOkE1RY&cid=CAASEuRokTCKlM7TDXFSO41uTy9EEQ&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 52D4 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAhy6_qHf8wQKJBBCwzYXemRm0ZWPDQYWKu0vdcKxZhzHcO6ef4Wn7bcdHxRyx0CFUcmsO8EFYUH0nQvKJr-xK2Q0-Twf_Sxw&sig=Cg0ArKJSzF183Tatm3F5EAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&pay=1&rst=1660580473959&rpt=493&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 16:21:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9562 0
741 B 43ms
42ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13701&pub_id=2164617&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13701&pub_id=2164617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:15 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 64fb69e8-c5e3-4a45-8bda-0188d9430cd9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 52D4 0
884 B 286ms
286ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&e=wqT_3QLpC_BM6QUAAAMA1gAFAQj55OmXBhCWiOqZ1vqhrFIY_aP9t7Dw38BBKjYJthMlIZG24z8RW-rF9ZTB4D8ZAAAAIFyPCEAhW-rF9ZTB4D8pthMJJNAxAAAAoHA92j8w1K_PDDiFa0C8CUhlUKzK7rEBWPjynwFgAGjuyMMBeACAAQGKAQNVU0SSAQEG8GWYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCov8D4ALW-VzqAh9odHRwczovL2tvb29yYTRsaXZlcy5uZXQvaG9tZTUvgAMAiAMBkAMAmAMXoAMBqgO-BwqHB2gNNUBhZHguZy5kb3VibGVjbGljawU69NkEcGFnZWFkL2Fkdmlldz9haT1DRGJsVGVYTDZZcHZKQnVHT2p1d1AydnU0OEEyRW5ZT3BhX1NDNk9fYUVQZ3VFQUVnNXBmV0pXQ1Z1dkdCa0FlZ0FkejRxcnNDeUFFSnFRSjFhRzZBZ0IyeFBxZ0RBY2dEbXdTcUJKY0NUOUFMNmszSnU4ZFNNSUJrRnJxQ082T1VIYnE4RjhyTndxZFJrV19lQTZyNHVNZTV5OEI5QnR3SVBSdUc3SkYzUDdpdVIyWnBNN0lac1VDcUdsRnctdmhsNC1yLWplUVQ1bm9aOEZoeDNxSmtTb1lJaG9Ka19uTC1JbTdvQTR2QXZCWG5wYklHeVo4U2MySjJ5WWJHdjdlXzM1V0REMFM0MGNxUlE4RXk3YWR0LWEwWXR1ajlBOFktd1plam5IQ0lwLVJWX3lzWVR5ZE9uTTJQbTQzX0FMMHVhUkFlRkFLX3JyRXA2QU5hNEZSRjhlcTRaU1cyUGRScGZxWDV1ZWx1UG1GYmJnaHhMR0k0UXZyQkl5QWNSeDBsdEM4V2FGd0dBRFRoVHNLMlVId1Z2NEFkcVJ5RW0zenM3c0RVQ2FEQ1dtMG9LQjZEd3lKS3JOVjVZWXZxWGMzLWFPS2JpaTA1Z0JLbnFzUFJZdlJ3aHE4LTFVN013QVR0NjltVi1nUGdCQU9JQmZTMDZPOF9rZ1VHQ0JzUUF4Z0JrZ1VMQ0NJUUF4Z0JTTkstdlFHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCa3lBQjR5SDFjUUJxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1EwY2dQR0pyRDk4NEIwZ2dSQ0lEaGdCQVFBUmdmTWdLcUFqb0NnRUR5Q0E1aWFXUmtaWEl0TmpJek1UazBOb0FLQk1nTEFiQVRsLV9fRDhnVGlQU1U0QVBZRXdxSUZBVFlGQUhRRlFHQUZ3R3lGd2dLQmdnQUVnQVlBQSZzaWdoPUxBM2pCT2tFMVJZJnVhY2hfbT1bVUFDSF0mY2lkPUNBQVNFdVJva1RDS2xNN1REWEZTTzQxdVR5OUVFUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM1OTMzNjQxODU5NjIzMTkxNTc0IgkzNzMwMDc2NjAqBzU2MTM5MzE6CTQzMzk3MTYxMMADrALIAwDYA5bNygHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASsyu6xAYgFAZgFAKAFz-qBoe6P38VbwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAOAFAfAFg6FQ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsGLAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ1OTI4MzA4ugcPCAAQABgAIAAwADjEBkAAyAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfHa4oIAhAAlQgAAIA_mAgB&s=9a4d6c26596261088905c31f8c6d1c7316c982c7&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=4245710831203508933&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26466260&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 16:21:15 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4c4ed80b-0db9-4077-999d-28570b8b9753
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 145ms
43ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 15 Aug 2022 16:21:15 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1309
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
227 B 50ms
47ms XHR
text/plain 185.83.71.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.66 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kooora4lives.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://kooora4lives.net
Date: Mon, 15 Aug 2022 16:21:16 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 Tuitype-Bold.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 32 KB
32 KB 40ms
38ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 19:04:57 GMT
x-content-type-options: nosniff
age: 76580
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33164
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 19:04:57 GMT

GET
H3 200 Tuitype-Regular.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 6A04 32 KB
32 KB 42ms
41ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:54:51 GMT
x-content-type-options: nosniff
age: 372386
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32792
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 08:54:51 GMT

GET
H3 200 Tuitype-Bold.woff
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 32 KB
32 KB 47ms
47ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/Tuitype-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 17:38:58 GMT
x-content-type-options: nosniff
age: 427339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33164
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 17:38:58 GMT

GET
H3 200 Tuitype-Regular.woff
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame AAD1 32 KB
32 KB 49ms
48ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/Tuitype-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 17:38:58 GMT
x-content-type-options: nosniff
age: 427339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32792
x-xss-protection: 0
last-modified: Wed, 18 May 2022 15:39:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 17:38:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEMXox1eam_2hj53DfcTwPl0&google_cver=1&google_push=AehlK4DFCt3V0SvkpkfTy3BQUbbpcX08EiPQVRC77lUPBVxt8RFsFl6qc_GMlFYEEI4p9q49Fps7lxCYNABdayZuSC3M9MWw0BTs5HV6sn1fR5MDfncp_SG0iWgeTw3ofMDkMcTMLaxhW7s

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kooora4lives.net/	1970-01-20 14:46:34	Name: __atuvc Value: 1%7C33
kooora4lives.net/	1970-01-20 05:16:22	Name: __atuvs Value: 62fa727635415ed9000
.addthis.com/	1970-01-20 14:46:34	Name: uvc Value: 1%7C33
.addthis.com/	1970-01-20 14:46:34	Name: loc Value: MDAwMDBFVURFU04yMzA2MTkyMzAwODAwMDBDSA==
.kooora4lives.net/	1970-01-20 14:52:20	Name: _ga_6XQ0HCVXZH Value: GS1.1.1660580470.1.0.1660580470.0
kooora4lives.net/	1970-01-20 14:01:56	Name: HstCfa4625840 Value: 1660580471001
kooora4lives.net/	1970-01-20 14:01:56	Name: HstCla4625840 Value: 1660580471001
kooora4lives.net/	1970-01-20 14:01:56	Name: HstCmu4625840 Value: 1660580471001
kooora4lives.net/	1970-01-20 14:01:56	Name: HstPn4625840 Value: 1
kooora4lives.net/	1970-01-20 14:01:56	Name: HstPt4625840 Value: 1
kooora4lives.net/	1970-01-20 14:01:56	Name: HstCnv4625840 Value: 1
kooora4lives.net/	1970-01-20 14:01:56	Name: HstCns4625840 Value: 1
.kooora4lives.net/	1970-01-20 14:52:20	Name: _ga Value: GA1.2.1083353256.1660580471
.kooora4lives.net/	1970-01-20 05:17:46	Name: _gid Value: GA1.2.868592108.1660580471
.kooora4lives.net/	1970-01-20 05:16:20	Name: _gat_gtag_UA_150096121_1 Value: 1
kooora4lives.net/	1970-01-20 05:59:32	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kooora4lives.net/	1970-01-20 14:01:56	Name: _pubcid Value: 2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea
.doubleclick.net/	1970-01-20 14:37:56	Name: IDE Value: AHWqTUnnqZ1u6cVTinbxNUfDQJjL8Q9VMpFulE70TSckwFdquasqcI7ocH1SH5dPPhk
.lijit.com/	1970-01-20 14:01:56	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.openx.net/	1970-01-20 14:01:56	Name: i Value: 2ddc71ec-49e0-40a7-b35c-f2da2dbdf9ea\|1660580472
.casalemedia.com/	1970-01-20 14:01:56	Name: CMID Value: YvpyeL8d7SG6SamEocLP1wAA
.casalemedia.com/	1970-01-20 07:25:56	Name: CMPS Value: 1205
.casalemedia.com/	1970-01-20 07:25:56	Name: CMPRO Value: 1205
.adnxs.com/	1970-01-20 07:25:56	Name: uuid2 Value: 4720194085195829757
.rubiconproject.com/	1970-01-20 14:01:56	Name: khaos Value: L6UYQKUZ-21-7LQM
.rubiconproject.com/	1970-01-20 14:01:56	Name: audit Value: 1\|naVuGyos1qr9hQYzOfDQpANb0fGVcfL/XWaA1sYWTLHCRi4Lg8bJK7vKD2rqN7999xn+HVIwlvMpM2sIN5l8GeBxGCOXoSK1rBxTzh2elvfc6UO785F0Pw==
.adnxs.com/	1970-01-20 07:25:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In2oU9'x!]tbPl1M>e)ZlrFUfJ+tGXxp?GY%f'[HUkHXX@8Y^^5U:HO3C)`dVvS3?q0N3If)y3KL9D3I?+lY+2>_
.doubleclick.net/	1970-01-20 05:16:24	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 07:25:56	Name: CMTS Value: 1140
.kooora4lives.net/	1970-01-20 14:37:56	Name: __gads Value: ID=d562cb2546f0669c:T=1660580471:S=ALNI_MZqoKBLmfqE5V-ASk2s5uuas75M4A
.adnxs.com/	1970-01-20 07:25:56	Name: icu Value: ChgI4axaEAoYASABKAEw-eTplwY4AUABSAEKGQi0xIABEAoYASABKAEw-OTplwY4AUABSAEQ-eTplwYYAQ..
.yahoo.com/	1970-01-20 14:02:18	Name: A3 Value: d=AQABBHly-mICEN1u1tKlNvVU_CFzt6BLaDkFEgEBAQHD-2IEYwAAAAAA_eMAAA&S=AQAAAiouCJgbljRetUUaDrMh4m0
.spotxchange.com/	1970-01-20 05:56:39	Name: audience Value: 4807d8b9-1cb6-11ed-baff-11a3cbba0506
.analytics.yahoo.com/	1970-01-20 14:01:56	Name: IDSYNC Value: "18yl~26ls:18yx~26ls"
.ctnsnet.com/	1970-01-20 14:01:56	Name: cid_619764c04edf47518c398c787bb3f959 Value: 1
.ctnsnet.com/	1970-01-20 14:01:56	Name: gid_CAESEMAZ7j1UcQv5OsstBjxyrc8 Value: 1
.blismedia.com/	1970-01-20 14:02:00	Name: b Value: 62FA7279A40E0993DDB6633ABLIS
.ctnsnet.com/	1970-01-20 14:01:56	Name: cid_5b516b9ca0f045cba16870a4379277ef Value: 1
.turn.com/	1970-01-20 09:35:32	Name: uid Value: 3636160803807629280
.adform.net/	1970-01-20 06:00:58	Name: C Value: 1
kooora4lives.net/	1970-01-20 05:16:22	Name: hbmp_cap_h Value: eyJhcHBuZXh1c19kbWtwIjoxfQ==
kooora4lives.net/	1970-01-20 05:16:48	Name: hbmp_cap_d Value: eyJhcHBuZXh1c19kbWtwIjoxfQ==
.adform.net/	1970-01-20 06:42:44	Name: uid Value: 6742084910164305865
ads.smartstream.tv/	1970-01-20 14:01:56	Name: DID Value: 1fdbb36f87c9a0bec7dbe8fb42290c19
ads.smartstream.tv/	1970-01-20 14:01:56	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 14:01:56	Name: permanent Value: 1
.sxp.smartclip.net/	1970-01-20 05:59:32	Name: uuid Value: a7d36910-7a72-fa62-65ff-e27d26b3e82b
.criteo.com/	1970-01-20 14:37:56	Name: uid Value: 756b4da4-3967-4c4d-a0be-272da9faca0d
cm.adsafety.net/	1970-01-20 14:01:56	Name: UID Value: CM1202208151655fe17ab6bef021ed5e
.adsafety.net/	1970-01-20 14:01:56	Name: cm_uid Value: CM1202208151655fe17ab6bef021ed5e
cm.adsafety.net/	1970-01-20 14:01:56	Name: cache0 Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvcjRLeTl0TWtqYk5wVldKNUdsU2pIUkFMOXhpb1ZXYUpMRjZEMFd3Z28zeEVyczZ1Y3A4R0kwa1AxMTEvcG1PMlg2Rmp4djQvS3pwRnQxT1pZZUpXNmR1TjhJZWxkTG8zT3c2MGhCOExNamF4TFp4dEx2NkRDaENTQ2hKWFdjRUNMSG5tNTY0ems0a3JOVTFGRk11YUtPUTdjYXNqVUNtTTZRODlNcElzN0w0eFppNXVSZkpvYmpNeTM0emFNd1hyMFNaNC90NzBkUzA1TTdoUC9qK3ErSm1waGVURFVDL25lQ3Jab2kwM3JkQmFOWk5wWVdPekdya2l2K0RkNDBXSUl2L2dmY1Izc1BRWnQ1WjZmVDBGTXl3Z0gvZERoSWRySWtNblpEcnNZb2RudUJxVU1GTktIbTJPclNpWTdqTnhnPT0%3D
.sxp.smartclip.net/	1970-01-20 05:59:32	Name: dspuuid Value: 10.CAESEOrMe0IcW0yRmZZ4E32wTUI
.sxp.smartclip.net/	1970-01-20 05:59:32	Name: psyn Value: 19219.10
.kooora4lives.net/	1970-01-20 14:37:56	Name: cto_bundle Value: 2cieA19SRXBmNjh6YU9NVGpZJTJGM1BmZjMlMkZpaSUyQkZiNThybzBVSVg5YiUyRkJSa0MzRVU3R1lLTFJqOTRFS2drOEtna1dDTldjdiUyQnNTVjFzTThqVjhMVmlXdGc1UW9WTXVicjFJY1d4djhwQjhVc2ZYdWFWRlE2QVl4eVklMkJ5YU14TUUyMmpqYSUyQmRrT3pLM3BTZndFYnp1SklmU1VFUSUzRCUzRA
.kooora4lives.net/	1970-01-20 14:37:56	Name: cto_bidid Value: TLiz4V9UdGlvSnRGSHBBbkp0Vk0zc0ZsR1NoTzA1RzZoNzM0N3A2eExMZmxQS2oxZDhSbWpXWGk2UHlKVW9KbFo5ZHpOVUFqM2o2ZkxVWVZwZ0Vsd3Q1dTdTcEhJVDBKOWZLZHMydlJrQzlZZk5PbDE0dnV3ZlZKWkZHU0N2cXNaWTdQbA

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://kooora4lives.net/home5/(Line 72) Message: <link rel=preload> must have a valid `as` value
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/egy_ismaily.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-2-6.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/08/download.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/1378025755.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-2.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-3.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/09/HellasVerona2018_7_29_15_11.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-3-5.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-2.png Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://kooora4lives.net/home5/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.sxp.smartclip.net
ad.turn.com
adipolo.com
adipololtd-d.openx.net
ads.smartstream.tv
adservice.google.com
adservice.google.de
ams3-ib.adnxs.com
ap.lijit.com
api-public.addthis.com
b779528510c89066291ddcabbd5f10fa.safeframe.googlesyndication.com
bidder.criteo.com
c1.adform.net
cdn.adnxs.com
cdn.ampproject.org
cdn.jsdelivr.net
cm.adsafety.net
cm.g.doubleclick.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
ghb.aplhb.adipolo.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
jscdn.greeter.me
kooora4lives.net
m.addthis.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
player.adtelligent.com
player.aplhb.adipolo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
s10.histats.com
s4.histats.com
s7.addthis.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
www.kooora4lives.net
z.moatads.com
google2waycm.netmng.com
prebid.smilewanted.com
s7.addthis.com
104.18.19.126
141.95.98.68
142.250.186.162
142.250.186.66
147.75.85.234
15.197.193.217
151.101.65.108
172.217.16.194
178.250.0.165
178.250.2.146
18.202.123.230
185.184.8.90
185.64.189.112
185.64.190.78
185.83.71.66
185.86.137.110
185.89.210.46
185.89.210.90
185.94.180.126
192.99.8.28
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
205.185.216.42
216.52.2.48
23.35.236.188
23.35.237.151
23.47.209.72
23.47.212.127
2600:1f13:800:7782:22a8:1ef8:27f2:ceae
2600:9000:206e:ae00:1b:5138:8a40:93a1
2600:9000:214f:200:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:1cc
2606:4700:20::681b:4071
2606:4700::6810:5814
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2010
2a06:98c1:3120::3
3.126.56.137
34.96.105.8
34.98.64.218
35.156.35.28
35.186.193.173
35.186.194.101
35.227.252.103
35.244.159.8
37.157.6.246
45.133.44.3
45.133.44.4
46.105.201.240
51.89.9.251
69.173.144.165
88.80.189.68
91.210.226.72
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7
01931ac53e7a4f3bd86cd9fc1201c20272ef96757fea8b0019f8daca677c860c
01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85
02f5c978a7e0da6d667b79c9d7b76b653a384e9956cc73e05a72e0a512b87695
03ccb28d3c0800ef0361cde499af29fe99b708827459f52f99eb4c85079ca308
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0766eb9738336f45c8fb97d62da83ba364fae946a8aa98ae2fc4f29a4f172aaf
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0af374f8cbcb355cb1e9761a08c2d41400bf81b7f9ad176ef22871d31bc31ee6
0b7268a700c3f464c73d9c6aba81c5fb3820bb9938e610191cdadf32fc538b79
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
0f8c58c495cbcbb6d56e6cc071aefd71729a314604c6d6d30292a3a39fa68b18
0fc1d0d947eb9bc565d93c1af9f97dc6274156325cd89079953d796c527c6fc8
10437a025fa5891bd847ef8d1ce13dd67e813ed2f220b527f9056fde236b8e9a
10e5c71afbbf5c0af544c26e4404839707208e0f679b2864f05fc54d1a2a9770
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14206674d461ff9debc70712d20abb311839d16d2a8edf4460813d7e4f04399e
14addb0d62ad36d44f4a35b2302d30ff9368beec6df1ae7e15398b5a25d3b1b9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1a34255f86629248f80619e57c30569ad16f856d01adfd050d0a187a4b060177
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1e05f59424cc1448509671ba2990ea2f6e73ffdeefeaa9c5a2b1933ca14892a7
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
22f73f8a886438e89bbe9513cc07fe9fbc038b63117ac55c58c6a039fbd02ebb
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23d1982d4b8ed7ce0568101acd999bd88a928ea955ab45dfd63717172b3b2b4c
24dfce58e5f6fa3f6cdd2959194f04c08757849ad8b3e3fb21da34d47732c34b
252af27dff2d714fae7aae5783d33fb6a2f5089bd387717569317188c63c2a3f
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
28fb7c5cd0defae982abca385225debb15f20197cbe3d741b070f390c9dbd542
29430e7d487201eae25a31b467892c2fa65e1e333cc91bc3e022e396ade4068d
296039b64fe35c1a53b6b25270c3cf34bed0d59f5b13fd5a90ad0ae0038b96e1
298489bf6f86bf4e84db440169bb7665e6d8bbcec4de55d87cec22462dd571fc
29b763c86cde423f25cb897c794bc469c2c475bdf5bb4211896e6e0f47c097fe
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2bd4aa019a1b6db6a8fffde9f05f2579e459201f7c0e18bd4a72dfa4dc1561b8
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f41be0c2cb0c727fe2d07d3b7160f2dd1a52680f1421bf98a7c8738434a55f4
3067a5f035930a60c9390a74974bdcf78dd1c835a101d6567c92c6bf5e41ae52
30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924
32391ed06d57de4a424e3802813b808b74b0bd661b6d9c0893e334897216ae15
324df5d117a1e138320b145ee863862c09b3c359086380979059daa4962f4c27
3265c5548e8e8c2f92597f08cb275c56363b38d42ba7da2066ce3141b41f7de3
32815411750eade0c3e9004923eda566341c105cea7f5d943244ac72196d4e72
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
338cc71e3573fc434aa46c637c9d7b2706e57ee1b893417aebc91308b0254f38
3478d39ef0abd569340ddcdcf8413c2edba55f3767079c93dd150c6c89138e88
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38d08cb91aebf6b33bb560d39265b174413c0112c64ad9a214cf9252336e266f
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3ab9eb1b5e0926e9778eadcbb34fa2718370ac32ee5be934f4557ee77e2e8390
3c3c59b7c90ba3aebb087626871795373696638075e61e99a20527a2a5924c2e
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d3f8b7466479b2c40a3dfdc1a28d38195bdc4c78fff4ae5e69e7546041409e2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f2aba76e87ef0315c68aecd6ba66181c03ac66d6162bb3f8e8c7f89a9067b59
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
43e08bfd6875e8d464d705bd0801528ce3b2138ddcebf2f2b969c7c7b0326f80
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45ba8cb65f35489fc6d6c2aea04344fe107f3dfda6541f112ab05db5ea939a53
4640e2da76072350a981b0d59d16d7dd92787d43a9994272a0dbe901d0a68a23
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
47f7ecfbd0b9ff7cd8a2de99def60a20b782bf76bcc01bca3f90bc20805ab513
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
49da9ea975537d77c8a0694d2633e11645beeeaacdc75f2947c54dba87ef3075
4aefcd2e6828b237e666c9d5cd1779e534b5e1ce9136e0ebb6ee398aa210e891
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf927bfe5c37fee626b3bcc1595b82a10859d654d2e6f3b0315c75bdea5575e
4c0118fad2e9d4cedd63ac0d1ab2a94a41e51cfd33b89e02dade3e245758f053
4c5a654aa0267106a9752ed84cc61f9d3459912723bd2c1aaced32f6c73cf3c4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f93579e5eb01d2b804b5f5553765f02b53656009ea43f244caa44e471a99de0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
513f26c4e3c3fd447d3487df6ce1fe20660ca62fe2ba749c5fe4b37e01de41ab
5149cf14b56cb331459f7ba03e27f17ff83fe2261c556879fffbcb3b402410b6
51557187f182031eff1383ca23dacefdd112af29f7266fb4531b8a60a5c18b39
51ec9422eecc62d3a9be404ca2035d02c21a378e7790c24e5be14f22b5660ad6
53b8e119aed83815ba6c2fa51e63f3760a1a6ecc0131a8b2a35b695c746ddf70
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5ae6eae023721b5d92b2332eafc4227a6d82aeec40f951806827bb5242b7091f
5b083d13587c8ebdcdc1bc4d1d65245e163842aa0e3181a882356fe58d17ebd2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e317a38df40a2d94a089c9e2d3b2789e21b5c2123abf4e6ac5b32089d177df8
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
617f7bc9ec4bf9735146f5f979ed31d7e7141351dfcfe15773ee903d8529c6aa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b04581fbcaa9e2ae81c50412a5c1e976dfaf25cee2aabd4308543c83298db0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
686c3664eb15e47a122b080780766e1d1cbdaf04c3454f06fef24ad5d39d287a
6914756a2773260c86412e094f95cec7ca06be35b44217badc1d1d8bce201257
69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f039a988d1611052fd690332adcf2199c47eebcc77fe9926a084a2e316216d6
6f1f516a71636c8d3dca11560a9f70465002c9221328e8f4f095aa77a93d6bc9
704d558db1216604ec86038cc7c4499b610dd6c5113f75bf8ea0620b31645d02
71c9e00c63d5280db7c8e314d141bb05a872c2c195e3cd3523e8a4691a6b7205
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879
7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b
757c6dc6f0497810e93559029b21701920c7d217ebdd2a276fa308bc53fa7765
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
767af7e4af13b996969709757995782f82467d9b08a25330b3f97a2ab366e1ae
769a2c178865eb30b91e1f57d8be572fddb93af9c234c610e8d09ad59ccd27fd
7897757471988b6dda805254de287e19033514ae748b13569acd29dd275c8d26
78d707e764332efe4a8d928a8726b495449073194bf4b9ca22856f08d5cafb8e
7977bd9c62b5aae0aeb0dfdabcf9277ce5301a02f499dfb161279d555644a944
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7a2f9d442f2bdcfc85728dbe33d891a4e160d31a22e80811519cca5e4493ca00
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
7b49d8b0e54e56f9ecf39b90899c8338b9d7dfd0f733e605c71883c0fa51943c
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bf996ebe7fe4185e029a296a87c765f4282eb042ca2d5ba6c17474f58ea0881
7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97
7d8dead7ca9ab7e2cd512571abe3159ac5c312e9f3c9cc10fcf604e68c924087
814d433afa1683240da7e318ddafa6c174cbd622008b30a14c415610132135af
81976775fecf2752aa0b89d19da6a7d0c318f2db7894a7202f60cf50bdab31e6
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
8419d5a3d70d79fa0696485c288dd2463ed67b894131f3a66a03ec70fb7d1c89
84f5d11028dfcd578417da4a0b68a2ef017244a90808ba2ce1813aa7bfb9b8bb
854519d07d155c90609264652626944b998fdf68a153e9a5b8c44173d401329e
863bffea51b0ceb2e67a6b72fac323e661da7f469575a7d05d6f54a69f5bca5f
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
86ba14a7f07211d538234cbed845fa7ab540607704f5b54218748554c036898e
882bcbbe0b6e278d2745e4db1ded65f1fc9a44fd7d98363388108bf93fb88bdc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee0691c1e66565ade6bc5004cba455f209b8999411b3887f45281fdd270a7d
8cb09d6bbf1f871a0e4adffb6f76b310c218520f050efd5755b89541e3f00609
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d89a2433e7f8f1ad47940635423c18359783fd7d659822733b556e00d2bc558
9057f053c23ec7f79a0ccbc7e389ea12fdbe601d346f6b794822ddd062a4dee3
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90e1b20d594cc9f7e35aa6a1065d4523af23cf94acc7017798b5b34152e58e00
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
91629c3651a376b4721adeb0037851a7826513db51dfbeefa1cc868c538074fa
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93f68a2037ca60ef00c6fdc65faf32a333264a5f490da174b06b46d32785f906
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
943bffe44175fda268b40ed3fecfcf77df13d166786504fa59f30567319d9a1e
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9700c7f7a3f4486aeed37c45c5f26ac789894f03d564dc291f2b699e3f214713
97cdf067606c37c831a54b3ffc71cafb94ff1f4db84a1ba620b2e9e43cc1084d
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1f6139cd11db9f41ef24575cd59d3f14cbd1c239ce23aa887ef1ad8b3756ed
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9ca5f6af0bc4826acb3cc28ffeceef3d7eabf791d8e4ab137e4304dcd9306d94
9ca835533fc4836f0ceefea006b64fdf2ff220e4af8c7f35f9feb0578ef1a963
9d2e40c328722f13bdefcc6dbbee3586b26a70a1bc9012fdf6f5d80220ca8589
9e1f996fadd7bb482eb624ba7b2c3d0c110326de722e60e74171822ca37a4534
9e8301f281e0259b178e64dfcf981c041cd8f83b0eb25edbd75273b5018b1e2b
9f6f9937e14b476088dcf572745a8072db1eb2c1878c7c58ba8ffd715dcb22de
9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
a3966b1d5970afb5da5ea892f638c940f89fcf81ce865d611cc5e5b65a7ad725
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bd7c4698b184c28b8c407a835ad2cbe2de9d2a9341af32d6fa8dcf1c4eb94b
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7376fb82a98db2648618531d9102664c07f741d3d25501ffb9d5b7103525777
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
ac711b778a5abd8556b9c3e019f7aba0ecbb8dbf6359b80a380e5902600db010
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad02b19518e56e52b942d8aadf80bf2892d0f3bcb74b3d183cf211938154d8d1
ad4bfd0ec0ccf3d84a1135268590fb0fd72818b8f275a0e65806a908752ed2bc
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae6d0a19bf5829c1066cfa6fd7b49f731bf2ef2e2782c7e5a4310f4613d950ac
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
aef570f7199d6f79c59ac72aea69925a6ae257f2f6bc04de3d011c8e6f4502ac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15891f6bdc27b2e7c54f1a6fecba562ea0bfc86f8ea85b63f1f54a420c30264
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b41d60face1b293297c046e0486070665b3b27a0225510b272064c31c278e628
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b6b3b484d4e929920d22052e680577b181eec29fb6dc2aef0c14dd2893d55ea5
b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d
b8d456b6a5ddc02a9c5b625cb9e64da32424004d7878a318617b77be9995e8eb
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bada252395d190c0be802b54935df22a2bbf63022c8652515f84afb0d00719d0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb50c7836002d9800d898fc436fae8d07e5f92d9946517aa8f2d9b172c491cc4
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcc5ede292556469a700e8ff7a0c0bc9044a587b59f6b621ffb935fb3720b785
bea07e81a3b18419a0e7d31385dc6b13660ff3338c2b54e6cc7e966ba2fe6143
bf12c3361e02190b8ed61414e3c5562b20ca3285b475e049e45620f269e43832
c0267de76da298376bb94a9eb92787cbcdc8cada5bba2f6a674865c048dcb664
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
c03953fc13eb8db32714771621a082908c0944fc8bd3dca7ab0dc7734f10bd77
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db
c134b16c1c37ace3b769503c1218e65d7aa7d552c5d7c9cb62682415b4e276bf
c24dd3bb029e63d66f4cb08a5bfc8e2b1eb0d7e0ca33df82f2b5c708ae2b189a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4f928994f8763e24518c0f307e0fb7bed5f37e14e73943414b0d5757bf14a47
c5cdd831bbd25444ecfae13ef4db01e352c956de5463b21db8d2f2039ec4c9a8
c60e3aa73627a9fa0a352e64d12c004924052cc0fbe4b45ee08fd831447fef07
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c8510512b36c22bdaa1623d62bb328b8f6482ff6071e7d74ff0d71d622927c2d
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d11c03c9ffd7a68512f6827266613da2b089d2429c6ec9729de7868650b96c89
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d2c5878199aaf317f562842f70102d6de20ea01b1649d909a9d4c46ce3624de2
d2fe4385460edc25cb2f1bfc7bb68d75d55f278d7e710c51ae3d575d6d817985
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d34fa00070f2bd5c8fda1cb19b82cda756edd7c174c59255afe65360e6a5e489
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8760ebdf191f44b2bc457e92eb0c64ad3d7faff612d28c8dd8cc8b6b3f5f356
d8966ecf45fde9fc2d5f3bdd89665b074a72f379ed58b681031e8d4a1be93b78
d96da7a2ff4125250016ce45e9c7681efb880de8491352e46a7062f86f5c41cc
daa2101a8136cc4ea1e6ebf6f6064808dd5018045a821b7061ca6e7462aa68db
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e0c84b50c3aeabd0aa6eda94c5bf1f914476d4cafb8e959b9b33b59c31839a9a
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e
e6fc149fe314b6036ea3cdc3377abd4b08fdfe1b0c988d62f3d022abc6a33c47
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8d245c20017c8ded328ee520b0253ce7d2d1743fcf1ef8dc65fed31b89d4cf2
ebbdaa5cf7d6df17795466e4604fea9bbed1b49554bc4d61c1148aa642401709
eeb2dfe84f66ddfeedcf1d701a504e31240afc9772e726f3881452c0534fc55a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02611d82e72fff74268fc1f41e887a5129283d94fa5b0e981c2d6c028e6e906
f14ace961895fa01e585a7d6bbff3123b88e1ead42db3309f59f3177bcd60525
f1e99c2f32b6a9fafc6fa838e1d7fc4f20a1074912dc4d4544705d404918520f
f2625e678cc223810d1a7f1f80c7dacddffc75b97b384f17d8851f14084c0b0e
f2a16274be59ad657643733f729148c16540f8dba5ee270eb94f5d25461c9f6c
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f49786e33f248047f77982a79239affbb90c325eec128e98703a0d79c65efe22
f5f24595c561813ac2757937f6fce099963b3674c573170601808a908c221672
f70e21f986e952c4c99ddbb0226df11b3de722b1050153a767451b5c3239d27a
f807db93d3acda15fc5f410c804c304a56d969c8a3a194f0901f0c11778fea11
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
fb44b647fb1b4d0669c228bd44b21eba0120a5c6d360fe2a6d81875875918814
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fd531f9dde4d22dfe6cdebb61d03aaaaca6ccd5ba6b8e09b8f50e9fcfa6b6314
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

kooora4lives.net Open in urlscan Pro 2606:4700:20::681a:1cc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

506 Requests

91 %HTTPS

40 %IPv6

51 Domains

78 Subdomains

64 IPs

11 Countries

4910 kBTransfer

11640 kBSize

55 Cookies

5 Outgoing links

Page URL History

Redirected requests

506 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kooora4lives.net Open in urlscan Pro
2606:4700:20::681a:1cc Public Scan

Screenshot
Live screenshot

Full Image

506
Requests

91 %
HTTPS

40 %
IPv6

51
Domains

78
Subdomains

64
IPs

11
Countries

4910 kB
Transfer

11640 kB
Size

55
Cookies

506 HTTP transactions
16 data transactions