m.kooora.com Open in urlscan Pro
104.18.8.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.kooora.com/default.aspx
Submission: On December 10 via api (December 10th 2021, 9:32:42 pm UTC) from CZ — Scanned from DE

Summary HTTP 284 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 50 IPs in 11 countries across 42 domains to perform 284 HTTP transactions. The main IP is 104.18.8.101, located in and belongs to CLOUDFLARENET, US. The main domain is m.kooora.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 8th 2021. Valid for: a year.

This is the only time m.kooora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
84	104.18.8.101 104.18.8.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
8 31	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	104.18.9.101 104.18.9.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.208.32.237 52.208.32.237	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:20:... 2606:4700:20::ac43:4487	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	13.35.253.73 13.35.253.73	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:16fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	188.68.250.238 188.68.250.238	197226 (SPRINT-SDC) (SPRINT-SDC)
2	2606:4700:20:... 2606:4700:20::ac43:4901	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	54.229.158.181 54.229.158.181	16509 (AMAZON-02) (AMAZON-02)
2	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:7e00:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 4	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
12	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
2	52.1.153.66 52.1.153.66	14618 (AMAZON-AES) (AMAZON-AES)
2 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 6	3.64.158.25 3.64.158.25	16509 (AMAZON-02) (AMAZON-02)
6	104.111.244.187 104.111.244.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.161.40.243 54.161.40.243	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
21	2606:4700::68... 2606:4700::6812:19f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
11	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
2 2	18.185.171.80 18.185.171.80	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:f9a2:1d20:7db2:a370	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	81.94.208.229 81.94.208.229	34587 (HLM2-AS) (HLM2-AS)
284	50

84 104.18.8.101 (None, )

ASN13335 (CLOUDFLARENET, US)

m.kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
o.kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.185.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.9.101 (None, )

ASN13335 (CLOUDFLARENET, US)

o.kooora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.32.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4487 (United States)

ASN13335 (CLOUDFLARENET, US)

kooora.cognativex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.cognativex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-73.fra6.r.cloudfront.net

t1.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:16fb (United States)

ASN13335 (CLOUDFLARENET, US)

ktv.kooora.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.68.250.238 (Olsztyn, Poland) 1 redirects

ASN197226 (SPRINT-SDC, PL)
PTR: n8250h238.sprintdatacenter.net

gaae.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4901 (United States)

ASN13335 (CLOUDFLARENET, US)

striveme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.229.158.181 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-158-181.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7e00:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.216 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.153.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-153-66.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.64.158.25 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com

tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.161.40.243 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-40-243.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com

ae-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v2-ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.69.64.76 (Rio Tinto, Portugal) 1 redirects

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.171.80 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-171-80.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:f9a2:1d20:7db2:a370 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

adclick.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.94.208.229 (Stoke-on-Trent, United Kingdom)

ASN34587 (HLM2-AS, GB)

members.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	kooora.com m.kooora.com o.kooora.com img.kooora.com	822 KB
32	doubleclick.net 8 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net adclick.g.doubleclick.net	234 KB
29	googlesyndication.com pagead2.googlesyndication.com bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com tpc.googlesyndication.com	150 KB
21	cleverwebserver.com scripts.cleverwebserver.com v2-ui.cleverwebserver.com lp.cleverwebserver.com	212 KB
14	permutive.com cdn.permutive.com api.permutive.com	443 KB
14	moatads.com z.moatads.com mb.moatads.com px.moatads.com	94 KB
12	effectivemeasure.net 1 redirects t1.effectivemeasure.net collector.effectivemeasure.net detect-survey.effectivemeasure.net survey.effectivemeasure.net	11 KB
11	2mdn.net s0.2mdn.net	291 KB
9	evidon.com c.evidon.com l.evidon.com	37 KB
9	gemius.pl 1 redirects gaae.hit.gemius.pl ls.hit.gemius.pl	54 KB
6	opecloud.com 3 redirects tagger.opecloud.com	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	google.com www.google.com adservice.google.com	2 KB
5	kooora.ws ktv.kooora.ws	40 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	adsrvr.org 2 redirects match.adsrvr.org	2 KB
4	adnxs.com 2 redirects ib.adnxs.com	3 KB
4	facebook.net connect.facebook.net	195 KB
3	googletagservices.com www.googletagservices.com	110 KB
3	facebook.com www.facebook.com	474 B
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	30 KB
3	google-analytics.com www.google-analytics.com	54 KB
3	cognativex.com kooora.cognativex.com static.cognativex.com	51 KB
2	3lift.com 2 redirects eb2.3lift.com	943 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	clevernt.com 1 redirects sender.clevernt.com	375 B
2	google.de www.google.de adservice.google.de	1 KB
2	striveme.com striveme.com	140 KB
1	bet365.de members.bet365.de	716 B
1	o2online.de portal.o2online.de	607 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	460 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	962 B
1	blismedia.com tr.blismedia.com	141 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	509 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	586 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	538 B
1	mookie1.com ae-gmtdmp.mookie1.com	608 B
1	prmutv.co f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co	453 B
1	googletagmanager.com www.googletagmanager.com	47 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
0	netmng.com Failed google2waycm.netmng.com Failed
284	42

	Domain	Requested by
52	img.kooora.com	m.kooora.com
25	o.kooora.com	m.kooora.com o.kooora.com
19	lp.cleverwebserver.com	m.kooora.com lp.cleverwebserver.com
19	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com s0.2mdn.net
12	api.permutive.com	cdn.permutive.com m.kooora.com
11	s0.2mdn.net	m.kooora.com bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com s0.2mdn.net
10	px.moatads.com	m.kooora.com
9	m.kooora.com	m.kooora.com o.kooora.com static.cloudflareinsights.com
8	collector.effectivemeasure.net	1 redirects m.kooora.com t1.effectivemeasure.net
8	gaae.hit.gemius.pl	1 redirects o.kooora.com gaae.hit.gemius.pl m.kooora.com
7	securepubads.g.doubleclick.net	m.kooora.com securepubads.g.doubleclick.net www.googletagservices.com
6	c.evidon.com	m.kooora.com c.evidon.com
6	tagger.opecloud.com	3 redirects www.googletagmanager.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ktv.kooora.ws	o.kooora.com
4	match.adsrvr.org	2 redirects bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
4	ib.adnxs.com	2 redirects cdn.permutive.com googleads.g.doubleclick.net
4	www.google.com	m.kooora.com tpc.googlesyndication.com bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
4	connect.facebook.net	o.kooora.com connect.facebook.net
3	www.gstatic.com	bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
3	bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	l.evidon.com
3	www.facebook.com	m.kooora.com
3	www.google-analytics.com	m.kooora.com www.google-analytics.com
3	z.moatads.com	m.kooora.com z.moatads.com securepubads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	googleads4.g.doubleclick.net	m.kooora.com
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	sender.clevernt.com	1 redirects
2	fonts.googleapis.com	bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com lp.cleverwebserver.com
2	googleads.g.doubleclick.net	bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com m.kooora.com
2	survey.effectivemeasure.net	t1.effectivemeasure.net
2	cdn.permutive.com	www.googletagmanager.com cdn.permutive.com
2	static.cognativex.com	kooora.cognativex.com
2	striveme.com	o.kooora.com m.kooora.com
1	members.bet365.de	lp.cleverwebserver.com
1	fonts.gstatic.com	fonts.googleapis.com
1	portal.o2online.de
1	adclick.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	v2-ui.cleverwebserver.com	m.kooora.com
1	scripts.cleverwebserver.com	m.kooora.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ae-gmtdmp.mookie1.com
1	f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co	cdn.permutive.com
1	www.google.de	m.kooora.com
1	detect-survey.effectivemeasure.net	t1.effectivemeasure.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	gaae.hit.gemius.pl
1	imasdk.googleapis.com	www.googletagmanager.com
1	www.googletagmanager.com	m.kooora.com
1	t1.effectivemeasure.net	m.kooora.com
1	kooora.cognativex.com	o.kooora.com
1	mb.moatads.com	z.moatads.com
1	static.cloudflareinsights.com	m.kooora.com
0	google2waycm.netmng.com Failed	bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
284	66

This site contains links to these domains. Also see Links.

Domain
cleveradvertising.com
tv.kooora.com
striveme.com
www.facebook.com
www.kooora.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
kooora.com Cloudflare Inc ECC CA-3	`2021-09-08` - `2022-09-07`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-19` - `2021-12-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.effectivemeasure.net Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2021-03-02` - `2022-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.prmutv.co R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
api.permutive.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.tagger.opecloud.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.bet365.de Thawte RSA CA 2018	`2021-08-13` - `2022-09-13`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://m.kooora.com/default.aspx
Frame ID: 44B559115AC2E59600837D041F54E63E
Requests: 185 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: CFA032547D646C4889D409B8B6BF1712
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3B4C2F75092445232B290193580010B4
Requests: 1 HTTP requests in this frame

Frame: https://gaae.hit.gemius.pl/gdejs/xgde.html
Frame ID: C9C8E0D9F3F883995A817EDE9F3B8B95
Requests: 3 HTTP requests in this frame

Frame: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 668509D47955A0F777712BF4FCD0A3BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C2DF7F7A8F2CBE48297F1B01EFAAF78
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F25CCE25A0BF6D1871A9C11C9B298BF0
Requests: 2 HTTP requests in this frame

Frame: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CEF623D647503DDFD4B5D1CF5B9AB851
Requests: 14 HTTP requests in this frame

Frame: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FADB4137C23D8C6276D5301396ED07B8
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJzZtTHWkujU92KVG8XEj_AnTCdpODOcwqd1GCSajiyN8D2NtJWfHzAWg1OK-hOmlpFXj00_r2Y1_mb8dQ-hTau7K9zeQn7QBlANfFcAe_XixijcALzZ9Uz3v6TjdI-zaGP36P0wqUb7lgI0B4g0F9FqYqTyP_L37A2w_UFoqbB89n_2QebA8orr9Fo-IUYeTjatQFdJetdiL1PWfF-HF9me2ysu02RF-JW7b1rgZ1nkOY-6JN1BPL8UPUP5uTFVltsQZQ6w3uY6UrW82HJjQ2ajAVmqxecVf2ah3I2d2_ZRFrvvkuVIgkQl3gChp_T-EGrA&sig=Cg0ArKJSzLv1DyEzT8-IEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 82BA8B7C978CC6D1132F61C1411B890C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjUwLyZATAB&v=APEucNXSWbd9lt-KjYRHqrLZU5JHa6eoW8CtfUXep2zQ5KJcHGce_xXfRLE7UXK6gpGzHrIBCDYTaLHJXbUvSJpkcds9gTMOgQ2YjzfaSuOoWZ_xq4dOlmz3ZE94S6LKSjCgr78R_Zt3eWx9W4HIgCkjpdXV69kxtMznnv_k-OnqeT-bjceEi2E
Frame ID: 192E46B697F693B7BC38C304D9870809
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: D4CC214F45D41230A31037050E38F68B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B603C25F14733D5EB01F9ECFDBB6C25
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC5018D9514D5C10086839ADB2F253CE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E64E49D397FEBCEBD4E525950D6EB3DC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
Frame ID: 37EBEF0EA1F0FED1DC2E5D2A39DF5405
Requests: 11 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Frame ID: F86A63D34CDE423BC50E41A94499EFF1
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Frame ID: B5AFF973D27F606112A52ECC91E8C3ED
Requests: 1 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01062583
Frame ID: D9DA52EDBA7CABAA6906EE04FBA57021
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كووورة: الموقع العربي الرياضي الأول

Page Statistics

284
Requests

92 %
HTTPS

44 %
IPv6

42
Domains

66
Subdomains

50
IPs

11
Countries

3087 kB
Transfer

10383 kB
Size

64
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://cleveradvertising.com/

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/
Title: كووورة TV

Search URL Search Domain Scan URL

URL: http://striveme.com/?utm_source=m.kooora.com&utm_medium=referral&utm_campaign=fixed

Search URL Search Domain Scan URL

URL: https://striveme.com/article/%D9%85%D8%AD%D8%B1%D9%83%D8%A7%D8%AA/%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1/%D8%A7%D9%84%D8%A7%D8%B3%D8%A8%D9%88%D8%B9-%D9%81%D9%8A-%D9%85%D9%82%D8%A7%D9%84%D8%A9-%D8%AA%D8%AC%D8%A7%D8%B1%D8%A8-%D9%82%D9%8A%D8%A7%D8%AF%D8%A9-%D9%88%D9%85%D9%82%D8%A7%D8%A8%D9%84%D8%A9-%D8%AE%D8%A7%D8%B5%D8%A9-%D9%85%D8%B9-%D9%85%D8%A7%D9%83%D8%B3-%D9%81%D9%8A%D8%B1%D8%B3%D8%AA%D8%A7%D8%A8%D9%8A%D9%86-%D9%88%D8%B1%D8%A3%D9%8A%D9%87-%D8%A8%D8%AD%D9%84%D8%A8%D8%A9-%D8%AC%D8%AF%D8%A9?utm_source=m.kooora.com&utm_medium=referral&utm_campaign=kooora_api

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28172837&title=%D8%A7%D9%84%D9%86%D8%B5%D8%B1%20%D9%8A%D9%82%D8%AA%D8%B1%D8%A8%20%D9%85%D9%86%20%D8%A5%D8%A8%D8%B1%D8%A7%D9%85%204%20%D8%B5%D9%81%D9%82%D8%A7%D8%AA%20%D8%B4%D8%AA%D9%88%D9%8A%D8%A9..%20%D9%86%D8%AC%D9%85%20%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%D9%8A%20%D9%83%D8%A8%D9%8A%D8%B1%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%B1%D8%A7%D8%AF%D8%A7%D8%B1!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28172836&title=%D9%83%D9%84%D9%88%D8%A8%20%D9%8A%D9%81%D8%AC%D8%B1%20%D8%B6%D8%AD%D9%83%20%D8%A7%D9%84%D8%AD%D8%A7%D8%B6%D8%B1%D9%8A%D9%86%20%D8%A8%D8%A7%D9%84%D9%85%D8%A4%D8%AA%D9%85%D8%B1%20%D8%A7%D9%84%D8%B5%D8%AD%D9%81%D9%8A..%20%D8%B4%D8%A7%D9%87%D8%AF%20%D9%85%D8%A7%20%D9%82%D8%A7%D9%84%D9%87!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28172659&title=%D8%AB%D9%88%D8%B1%D8%A9%20%D8%A8%D8%B1%D8%B4%D9%84%D9%88%D9%86%D8%A9%20%D8%A8%D8%AF%D8%A3%D8%AA..%D9%88%D9%86%D8%AC%D9%85%D8%A7%D9%86%20%D9%85%D9%81%D8%A7%D8%AC%D8%A6%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%A3%D8%B3%20%D9%82%D8%A7%D8%A6%D9%85%D8%A9%20%D8%A7%D9%84%D8%A8%D9%8A%D8%B9

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28172557&title=%D9%85%D8%B4%D8%AC%D8%B9%20%D9%8A%D9%82%D8%AA%D8%AD%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%84%D9%84%D8%B3%D9%8A%D8%AF%D8%A7%D8%AA%20%D8%A8%D8%AF%D9%88%D8%B1%D9%8A%20%D8%A7%D9%84%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%20%D9%88%D9%84%D8%A7%D8%B9%D8%A8%D8%A9%20%D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A%20%D8%AA%D8%B9%D8%A7%D9%82%D8%A8%D9%87!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=%D9%83%D8%B1%D8%A9%20%D9%82%D8%AF%D9%85&id=28171658&title=%D8%A8%D8%A7%D9%84%D8%A3%D8%B1%D9%82%D8%A7%D9%85..%20%D8%AE%D8%B3%D8%A7%D8%A6%D8%B1%20%D9%81%D8%A7%D8%AF%D8%AD%D8%A9%20%D9%84%D8%A8%D8%B1%D8%B4%D9%84%D9%88%D9%86%D8%A9%20%D8%A8%D8%B9%D8%AF%20%D8%A7%D9%84%D9%87%D8%A8%D9%88%D8%B7%20%D9%84%D9%84%D9%8A%D9%88%D8%B1%D9%88%D8%A8%D8%A7%D9%84%D9%8A%D8%AC

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28171672&title=%D9%84%D9%8A%D9%86%D8%AC%D9%84%D9%8A%D8%AA%20%D9%8A%D8%B3%D8%AA%D9%81%D8%B2%20%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%20%D8%A8%D8%B1%D8%B4%D9%84%D9%88%D9%86%D8%A9%20%D8%A8%D8%B9%D8%AF%20%D9%83%D8%A7%D8%B1%D8%AB%D8%A9%20%D8%A7%D9%84%D8%A3%D8%A8%D8%B7%D8%A7%D9%84..%20%D8%B4%D8%A7%D9%87%D8%AF%20%D9%85%D8%A7%20%D9%81%D8%B9%D9%84%D9%87!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=Blank&id=28171673&title=%D8%A7%D9%84%D9%83%D8%A7%D9%85%D9%8A%D8%B1%D8%A7%D8%AA%20%D8%AA%D9%81%D8%B6%D8%AD%20%D8%AA%D8%B5%D8%B1%D9%81%20%D8%B1%D9%8A%D9%83%D9%8A%20%D8%A8%D9%88%D9%8A%D8%AC%20%D8%A8%D8%B9%D8%AF%20%D8%AB%D9%84%D8%A7%D8%AB%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%8A%D8%B1%D9%86!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28164592&title=%D9%85%D9%82%D8%A7%D8%A8%D9%84%D8%A9%20%D9%85%D8%B3%D8%B1%D8%A8%D8%A9..%20%D8%B4%D8%A7%D9%87%D8%AF%20%D9%85%D8%A7%20%D9%8A%D9%82%D9%88%D9%84%D9%87%20%D9%83%D8%B1%D9%8A%D8%B3%D8%AA%D9%8A%D8%A7%D9%86%D9%88%20%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88%20%D8%B9%D9%86%20%D9%86%D9%81%D8%B3%D9%87!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28167686&title=%D9%84%D9%82%D8%B7%D8%A9%20%D8%B7%D8%B1%D9%8A%D9%81%D8%A9..%20%D8%B1%D8%A7%D9%85%D9%88%D8%B3%20%D9%8A%D8%AE%D8%B7%D8%A6%20%D9%88%D9%8A%D8%B1%D9%81%D8%B6%20%D8%A7%D9%84%D8%B9%D9%82%D8%A7%D8%A8%20%D9%81%D9%8A%20%D8%AD%D8%B6%D8%B1%D8%A9%20%D9%85%D9%8A%D8%B3%D9%8A!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28164391&title=%D8%AA%D8%AF%D8%B1%D9%8A%D8%A8%20%D8%A8%D8%B1%D8%B4%D9%84%D9%88%D9%86%D8%A9%20%D9%8A%D8%AA%D8%B9%D8%A8%20%D8%AA%D8%B4%D8%A7%D9%81%D9%8A%20%D9%88%D9%8A%D8%BA%D9%8A%D9%91%D8%B1%20%D8%B4%D9%83%D9%84%D9%87%20%D9%88%D8%A3%D8%AE%D9%84%D8%A7%D9%82%D9%87!%20%D8%A5%D9%84%D9%8A%D9%83%D9%85%20%D9%85%D8%B1%D8%AD%D9%84%D8%A9%20%D9%82%D8%A8%D9%84%20%D9%88%D8%A8%D8%B9%D8%AF

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28168700&title=%D8%AA%D8%AD%D8%AF%D9%8D%20%D8%B3%D8%B1%D9%8A%D8%B9%20%D9%88%D8%B7%D8%B1%D9%8A%D9%81%20%D8%A8%D9%8A%D9%86%20%D9%85%D8%A8%D8%A7%D8%A8%D9%8A%20%D9%88%D8%AD%D9%83%D9%8A%D9%85%D9%8A..%20%D9%81%D9%85%D9%86%20%D9%8A%D9%81%D9%88%D8%B2%D8%9F

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28171673&title=%D8%A7%D9%84%D9%83%D8%A7%D9%85%D9%8A%D8%B1%D8%A7%D8%AA%20%D8%AA%D9%81%D8%B6%D8%AD%20%D8%AA%D8%B5%D8%B1%D9%81%20%D8%B1%D9%8A%D9%83%D9%8A%20%D8%A8%D9%88%D9%8A%D8%AC%20%D8%A8%D8%B9%D8%AF%20%D8%AB%D9%84%D8%A7%D8%AB%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%8A%D8%B1%D9%86!

Search URL Search Domain Scan URL

URL: https://tv.kooora.com/read-article.aspx?category=undefined&id=28167509&title=%D9%84%D9%85%D8%A7%D8%B0%D8%A7%20%D9%81%D8%B2%D8%AA%20%D8%A8%D8%A7%D9%84%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D8%B0%D9%87%D8%A8%D9%8A%D8%A9%20%D8%A7%D9%84%D8%B3%D8%A7%D8%A8%D8%B9%D8%A9%D8%9F..%20%D8%B4%D8%A7%D9%87%D8%AF%20%D8%B1%D8%AF%20%D9%85%D9%8A%D8%B3%D9%8A%20%D8%A7%D9%84%D8%B3%D8%A7%D8%AE%D8%B1%20%D8%B9%D9%84%D9%89%20%D8%AA%D9%8A%D8%A7%D8%AC%D9%88

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kooora

Search URL Search Domain Scan URL

URL: https://www.kooora.com/?nomb=1

Search URL Search Domain Scan URL

URL: https://twitter.com/kooora

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kooora/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcHR8e5S-3uWN_yL64emgzg/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@kooora

Search URL Search Domain Scan URL

URL: http://www.kooora.com/?exf=privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1639171954772_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1639171954772_1

Request Chain 135

https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm=&google_tc= HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEJDTw9M5Oz97XMPUmbW2tcY&google_cver=1

Request Chain 138

https://gaae.hit.gemius.pl/_1639171955163/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&fpdata=sNLK9jTETJm26wAioIq.l4a_xdPm4EeN1miWH8tZ2pP.l7&vis=1&fpcap= HTTP 301
https://gaae.hit.gemius.pl/__/_1639171955163/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&fpdata=sNLK9jTETJm26wAioIq.l4a_xdPm4EeN1miWH8tZ2pP.l7&vis=1&fpcap=

Request Chain 142

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180 HTTP 302
https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180&alias=110c7e2e-17ef-40d8-90fc-ea169ae75ac5&type=tradedesk

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/ HTTP 302
https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&google_gid=CAESEAplO455eSgsE4PlpCGSW0o&google_cver=1

Request Chain 154

https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1 HTTP 302
https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1&trackability-redirect=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-NUf7QDGjMzA9iBUKLPOyMc2mYmYf&source=dms HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-NUf7QDGjMzA9iBUKLPOyMc2mYmYf&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1

Request Chain 155

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-htiadu1mVH9KSrRjnNk1y1hA2LSs&source=dms HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-htiadu1mVH9KSrRjnNk1y1hA2LSs&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1&C=1

Request Chain 211

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbPHdf-1RgdGgbS263nxDwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJPrJhY-oOxkINN2Yf_f2u4&google_cver=1

Request Chain 213

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTY2OTYxOTAwNDk3NzM0MQ%3D%3D

Request Chain 219

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&google_cver=1&google_push=AYg5qPIh8vwFZGSpTrfJMiT1r6O2Gzk0T0ztV0mquKE8KhQqojq81kFbLeTfmhG3U9iwAadXOVHSl-Wo2G4s1pOaq4XZ8iA6bVFUVw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&google_cver=1&google_push=AYg5qPIh8vwFZGSpTrfJMiT1r6O2Gzk0T0ztV0mquKE8KhQqojq81kFbLeTfmhG3U9iwAadXOVHSl-Wo2G4s1pOaq4XZ8iA6bVFUVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WUlMeWtpM1gxTVZOdm41&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&google_cver=1&google_push=AYg5qPIh8vwFZGSpTrfJMiT1r6O2Gzk0T0ztV0mquKE8KhQqojq81kFbLeTfmhG3U9iwAadXOVHSl-Wo2G4s1pOaq4XZ8iA6bVFUVw

Request Chain 220

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBLKXk4I6UvU_siIh68s5HM&google_cver=1&google_push=AYg5qPLinSV-ntAn5pHJaQ9fku9XDF4HhOH3N2qV6U_U7ZUFLGDfqEVfZdl73PQC9Qx2SqJKsSTcEHFfK-ZqMJWpiaAA3lZx2AKM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBLKXk4I6UvU_siIh68s5HM&google_push=AYg5qPLinSV-ntAn5pHJaQ9fku9XDF4HhOH3N2qV6U_U7ZUFLGDfqEVfZdl73PQC9Qx2SqJKsSTcEHFfK-ZqMJWpiaAA3lZx2AKM

Request Chain 222

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPJCu7V-ogR2gD7Iqole8W8&google_cver=1&google_push=AYg5qPK5JCSyBHMc0plsU2yWadxnDUWE6IU5LqnMRoiINJNPeqv9eJBkXUtiHtfTAxmdVwVp3yTDFRpL4Cy4cZyNEZQCXBh-EEmZEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDE4OTk0Nzg0OTQwNjYwNw%3D%3D&google_push=AYg5qPK5JCSyBHMc0plsU2yWadxnDUWE6IU5LqnMRoiINJNPeqv9eJBkXUtiHtfTAxmdVwVp3yTDFRpL4Cy4cZyNEZQCXBh-EEmZEw

Request Chain 223

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDKPJtDDn5ZS2lvH9_0pjoQ&google_cver=1&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7z3k-WBxVXSE9ua0Dl1n7EGYWx HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDKPJtDDn5ZS2lvH9_0pjoQ&google_cver=1&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7z3k-WBxVXSE9ua0Dl1n7EGYWx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcwMTk4MTYwMjYwNjA5MjIwOA&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7z3k-WBxVXSE9ua0Dl1n7EGYWx

Request Chain 233

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJXgjba3Q0AbTDxXApi2UU8&google_cver=1&google_push=AYg5qPKwYClgv8ofvaSoFby9wN36ZIechlt7_8QH7VnV810hpzAEFfMAC-kdxT6spQ93y0hZgCconQ5SOPCHfZ4ia_S1YjLERO4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKwYClgv8ofvaSoFby9wN36ZIechlt7_8QH7VnV810hpzAEFfMAC-kdxT6spQ93y0hZgCconQ5SOPCHfZ4ia_S1YjLERO4&google_hm=tS73I6AGQYej4pJRFV5W-8E

Request Chain 235

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENN7j2vnM_fZPSA0b0F_XDE&google_cver=1&google_push=AYg5qPLqyHP6zM2BvEI1N63gL7he33gMo1ntkdO6NgBu90In7RVJ_WAsN9lZNN0OKVoR2zUcPdOqnVsVj1US5IZnwDkC93x8Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLqyHP6zM2BvEI1N63gL7he33gMo1ntkdO6NgBu90In7RVJ_WAsN9lZNN0OKVoR2zUcPdOqnVsVj1US5IZnwDkC93x8Hw&google_hm=NTM2MTQ1NzQ4MjUwNTgzODE0

Request Chain 237

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAzNLMqJaxolnGVUcBqvQ-E&google_cver=1&google_push=AYg5qPLPVJr_pm7BO9W7MDQSLcwQ5RLLVp_-DYvPKsxhSc_Bw2nTXt43JjBp91bHnhP2iV1hRjYWT9lJLjhmjYPn5PLY27zWrEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1gwV05UMVItMTctODZESg==&google_push=AYg5qPLPVJr_pm7BO9W7MDQSLcwQ5RLLVp_-DYvPKsxhSc_Bw2nTXt43JjBp91bHnhP2iV1hRjYWT9lJLjhmjYPn5PLY27zWrEg

Request Chain 238

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECz6yFKdTIw1GP2ZNHO-3Xo&google_cver=1&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDgRxhpa1ffviDNApbY2mwZJHHZc8wsdXcob-AY4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDgRxhpa1ffviDNApbY2mwZJHHZc8wsdXcob-AY4&google_gid=CAESECz6yFKdTIw1GP2ZNHO-3Xo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI3MjQ0MzU5MzgyNDczOTg4NTI%3D&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDgRxhpa1ffviDNApbY2mwZJHHZc8wsdXcob-AY4

Request Chain 240

https://sender.clevernt.com/transporter/51316.php?ppuc=1&ppu=0&id=523132&ref=aHR0cHM6Ly9tLmtvb29yYS5jb20vZGVmYXVsdC5hc3B4&ruri=&r=451172593&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=360&ts=0.136 HTTP 302
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583

284 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request default.aspx Show response
m.kooora.com/ 23 KB
9 KB 89ms
57ms Document
text/html 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98162587fefcb5b9e6fdc097d5098cf7a1238a0522d875789a33a21fbc3960f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	Deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-type: text/html; charset=windows-1256
cache-control: private
expires: Thu, 10 Dec 2020 21:32:34 GMT
access-control-allow-origin: o.kooora.com
x-frame-options: Deny
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXlt0JF%2FJatxtmK3Zw9rqVllJETvgMlc8OxNIdOi4Nno8N7MMYAl9vN%2FyvHu9Sdq4vRXhEEDHy7%2FR5fuOH5p96jF%2BEQxbFSKZ80m7E%2BtKv2oPjV8ICJo6p5rifQ5Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 6bb9962a5d055b62-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 moatheader.js Show response
z.moatads.com/choueirigroupheaderdfp445340272806/ 245 KB
85 KB 37ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: de15d11d0b75d896720b1a6a915527c51593b216710031be397efe2a80553696

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 12:32:59 GMT
server: AmazonS3
x-amz-request-id: K4HQQ6GMY1TW80JZ
etag: "4fe2a7f4399f7caf41785c716336a3c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=57322
accept-ranges: bytes
content-length: 86367
x-amz-id-2: pE2UXXpT8FlfclfwffpgOZYf9I2TGMjQ8OS9aR5THBBSA3A4NX92xh1G11qobhVmhwsHKljQCUk=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 41ms
18ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f45530ee93fe1451632f4c4da09ff7b9dcbbe6a64f2ae824c058c78fababd34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1067 / 745 of 1000 / last-modified: 1639137928"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27033
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Dec 2021 21:32:34 GMT

GET
H2 200 ms.css
o.kooora.com/ 128 KB
26 KB 75ms
66ms Stylesheet
text/css 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/ms.css?rev=191&ch=5761

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3c14b6a4d44a7fbd89db303bd87273ab41e9a4e59d6da6248fe8e88203a5e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 810152
cf-polished: origSize=130947
last-modified: Wed, 01 Dec 2021 12:29:36 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"1864361aafe6d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=425K1%2BmMskQTPKek5yj5um9urCmm6G%2F4%2FSchoL9WtH8WgySxrTPnTALfkgwQOo1c2oTMoYt%2B6%2B6l8xGBbjWvSYq16XJbir2H5Gs7YrBRmB59UuNWOgdMsY55U5Ibgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6bb9962ade065b62-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
o.kooora.com/ 87 KB
32 KB 46ms
37ms Script
application/javascript 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/jquery-3.5.1.min.js

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194490
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 13:40:24 GMT
server: cloudflare
etag: W/"0947d5c9a3dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BTHXTEVG1J%2BkCmdSJsVxRs5VgbAa%2FpIryBoWPbIUkYRT9hzzQRfZF24faSAhKyYuKTDebSRlUhPELdTN0SXGsnsBHD0eG1qgQSokdMv4NNMvAVLrKtL79UEqf06Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6bb9962ade095b62-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H2 200 mo.js Show response
o.kooora.com/ 776 KB
192 KB 89ms
57ms Script
application/javascript 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/mo.js?rev=1389&ch=4972

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e72363c7af8c7621ea920de2a2051ad2ea7b5bcd4c6a943ea9a3149c24b60e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.kooora.com/
Origin: https://m.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1000786
cf-polished: origSize=799350
last-modified: Mon, 29 Nov 2021 07:32:10 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"0f91738f3e4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ5glYb9cqNE6RrmCyv1%2Bp%2BLoCenurAO2Jtnvc1%2F8LIdeB4aYbdVfl8jiaLBZ4l3R%2B07pmGfX%2B%2BoK%2BcA4iTIWZoqncahOSK9hKnDFyp9ou0PLjTNYTMjE8BnEH9Jfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6bb9962b0a6cd6b5-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 api.js Show response
m.kooora.com/cdn-cgi/bm/cv/669835187/ 35 KB
10 KB 33ms
14ms Script
text/javascript 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee02a3191810a0f19abf2a16e59fe6ca498dcddddbe7ee689c2be0d45e28a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtR%2FJb3egCQ6z0NLYXGG2UQbDR3UByiIxVYNpaUhXgk48Suz9oQmnDNiyQG1srsQ0wZOL%2B4qwoyNTC6fz0zWr8Spy0gdI%2BFoJtipwfhi0%2Bpfq6yL5Iw869r3IEKGng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6bb9962b9cf82bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ 13 KB
5 KB 74ms
53ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://m.kooora.com/
Origin: https://m.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6bb9962bcb9cdfa5-FRA

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 30ms
15ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Dec 2021 21:32:34 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 252 B
161 B 33ms
17ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

0d22eccd1930f4182b9538555103fa332f1ce56afb0531f07377969470fc1c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
expires: Fri, 10 Dec 2021 21:32:34 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 303 B
479 B 130ms
40ms Script
text/html 52.208.32.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-E0xt5j9Bn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-odKx0GC5X%2FcYUw%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&pcode=choueirigroupheaderdfp445340272806&rx=451608890122&callback=MoatNadoAllJsonpRequest_94915696
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.32.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 35aed295c84a383c6a3707464621aaf638c80b22f18fcb0f5ac69b9579e11606

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "6310be8e437084b69c989d2a945bf594f5b18e9e"
content-length: 303
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame CFA0 1 KB
2 KB 7ms
7ms Document
text/html 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

x-amz-id-2: 73D3e7gxcIPreNQjXMP3sBLOtDnOj9JIZZAZT+rKOJq0P+BOTo5PtgBQZAYHCuyKcJbI7T6r3BA=
x-amz-request-id: 8G1K3X3ZFSCY1R8R
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=2617
date: Fri, 10 Dec 2021 21:32:34 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e11ee4f638dd46d8abba52ee6780b980df1a6c98fb85cc5a85d79968648068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2U+NdNXq+Dl8jFnAuarBMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: h63e1UGlrgqZL1JQ/3UdZbsrRG+d/PBgQwZsUHZzraRE6JPth92EQAdSAaG2PcoF/ao9TlFWUZdp7KkviNhbpQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 47d52f1dcfaf3261467203df27f8b61b
x-frame-options: DENY
date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c3855bb791fd80255724c5b36bcd283d"
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:35:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: KBIPPzvOt9YrjRodniE3BgAv2mMys8sV+h58lgyIu6wKH6iy3yAR77NW9csCxyeqMUg3OwyvR29WTYjyDGZ/5A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 10 Dec 2021 21:32:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cn.js Show response
kooora.cognativex.com/cognativex/ 1 KB
1 KB 46ms
16ms Script
text/javascript 2606:4700:20::ac43:4487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-12-10
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34fe0f84656b496b91cfe919e6f8460e9731b2a4ad163f1e278f8b7af60a8536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=eA/RVA==, md5=NpWFkT9amAy+AW3fIi+YeQ==
date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37173
cf-polished: origSize=1053
x-guploader-uploadid: ADPycdtoEO9DpcLvK55LdlLaFSOAFyEniPQYnfOwAC2nBc9poIKs_43-XRJhC80Zg9Q0_ZFz0eL6_x8OGkPVq5kctmoioJqrMw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Fri, 19 Nov 2021 09:23:52 GMT
server: cloudflare
etag: W/"369585913f5a980cbe016ddf222f9879"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAmlAuhzfUdUyGOiHXEZ6Escg7hrS6IR8u8wcUlVwTCAT%2BL5wds2bdZFksrPiPJAMIxokR9seVMeAsMvtpP847H0y5JoUSyqBeGD2bLxU5EMwgMFXAenyzHMSjkBOey9nLviclpLYOtABb%2BcyVmyJ%2BWFuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637313832065817
access-control-allow-origin: *
expires: Fri, 17 Dec 2021 10:38:13 GMT
cache-control: public, max-age=14400
x-goog-stored-content-length: 1053
cf-ray: 6bb9962c1fa2d6d9-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7056
date: Fri, 10 Dec 2021 19:34:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 10 Dec 2021 21:34:58 GMT

GET
H2 200 tag.js Show response
t1.effectivemeasure.net/ 22 KB
7 KB 55ms
8ms Script
application/javascript 13.35.253.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.effectivemeasure.net/tag.js?1639
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b00b1bfc13107699852b352569a8aa7a277a3a30ef9660bd085baa7a2f1cbec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 07:48:50 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:44 GMT
server: AmazonS3
age: 49425
etag: W/"489d05d67b9e8e4403e07a14415c7f5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: EV2M1j9-RlXaj5BRKkyeBE7aTGt4gdvFBfLfyuF5SIFgli9GipAMtQ==

GET
H3 200 / Show response
m.kooora.com/ 16 B
811 B 71ms
71ms XHR
text/html 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/?vc=true&_=1639171954499

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/jquery-3.5.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7eb1552a582c0f5ac5b3b39dc87e875d06e57ccd882947afecaa199e5c7f95f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://m.kooora.com/default.aspx
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRzH08bs%2BCmo%2BGtjsbXP%2By%2FAIR5zNhCh%2BDT89PPnuwatQVbFJZaxPzI9LSfdR76lvIvUtv9bmY8eFDIpcT9kU865QhauUsQl6OWp%2BpERAUdEEWmwpAigNE3ZtE0b%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6bb9962bfdb12bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 10 Dec 2020 21:32:34 GMT

GET
H3 200 de.png
o.kooora.com/f/ 118 B
752 B 31ms
31ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/de.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7bbbc578682b551e04f72c16ac8f09fcf1546b526ac807da31a94b7dff57b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194484
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 118
last-modified: Tue, 27 May 2014 17:12:37 GMT
server: cloudflare
etag: "ea73c0dbce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRs1xP7KrLI9JBiGNPdq0j%2Fr6INUKllppXeYl4oTsl5mL0Q5IDGTwuEPXASc%2BcMfpis34b%2F9IB4OFDmYzKVQRliTqPEJ7DbUXISObUTgbqH2XzlecTTqnMzQMtOA2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c7e992bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 es.png
o.kooora.com/f/ 486 B
1 KB 29ms
29ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/es.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b6d61df978b94d1e037ed852d9d884131ea33a447b201f0d5595ce64a7716c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194484
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 486
last-modified: Tue, 27 May 2014 17:12:26 GMT
server: cloudflare
etag: "efb149d5ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8qgqCZ51LtyH122DcLPBYBrAXV%2F2lVPQwiRICIMHZ5GToQOINT%2FWo0%2FJ0A4MG2Ch8AriguapCdFbaP%2BRgAqFSYlpTrCfIKLd%2Fu0Ey%2BdeYxLYcSJufTOYtP6%2FghBwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c7e9d2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 en.png
o.kooora.com/f/ 114 B
748 B 31ms
30ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/en.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51530e1f054c6532f5752528576e641b0a1df55f734a386c5fa3eb150dc0d98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194490
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 114
last-modified: Tue, 27 May 2014 17:12:28 GMT
server: cloudflare
etag: "ac61afd6ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5c98Mb9D6%2FhZBl%2FU4BHKQCASG53IZ7fU2pNeTeL7CtHq699709XTzZzrfAUdivpE45DWAjvH%2BbBuj1iaX%2B9fkAGI1r0pfsCQTwpCzLR0H4lAWPoM8ziSShfxCUmzHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c7ea02bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 it.png
o.kooora.com/f/ 118 B
749 B 29ms
28ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/it.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe52246a5c5f962f30bd3fb70bf885eb689f366567d21d9be1407923ef4a5599

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194490
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 118
last-modified: Tue, 27 May 2014 17:11:48 GMT
server: cloudflare
etag: "ab745bbece79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAvoNsJvqVAcZgxHvzMy2vhfoe8Gzn1Ph9BExoD%2FsvkBPon9frF84NuAIE7v1oy3GOd64S%2FPKt1y4AflbpqVZdU2ov1OH75HaD9FNWlrsXXHTaFrBGo2ewSpYwrYcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c7ea12bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 sideOpen.png
o.kooora.com/ 1015 B
2 KB 32ms
31ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/sideOpen.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b952b3eca9ed4c65623a444e555514a8f7d7f94edb8aa6d7f0656fe4dde40c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194486
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1015
last-modified: Tue, 14 Oct 2014 07:23:23 GMT
server: cloudflare
etag: "9e7145bd7fe7cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE%2FVLYp4wj1EVFhTkP2qBc%2Bm0oBpEunI3lfxdCHakgRUnzy%2B3PQuT8%2BsiA0fAsPyhslRxJFSGVvz3L9384v9L4v%2FVmGO8sP2NVrDOfEuV2TEqUXaLWkzMggDf7Y5VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c7ea42bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 tgold3.png
o.kooora.com/i/ 4 KB
5 KB 75ms
74ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/i/tgold3.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bb514fa778de13246a4256f79bc8e4fd8a92c83c64ece4071543c2d85694e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2041843
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4500
last-modified: Tue, 05 May 2015 12:18:03 GMT
server: cloudflare
etag: "223f4882d87d01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7xvmz0%2BKM4lvdAprHuAx913549XeotgT6T3VDG5rW2y%2BCVUym0gQKy60nDzzpRByKXGjfDjHgo3Y1IYcGACHRK4OPfeQY4ZTf8k3jMJpH%2FJmiKAokKCZOzSeXt6yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c7ea62bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 searchgold.png
m.kooora.com/icons/q/48/ 1 KB
2 KB 32ms
31ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.kooora.com/icons/q/48/searchgold.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

be66f2a7e95a29627f762c8b1c399a8a19f1b502f9dd31e5d5b7a9d56129acc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1064
x-powered-by: ASP.NET
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1530
last-modified: Tue, 08 Sep 2020 16:34:35 GMT
server: cloudflare
etag: "37fdceeffd85d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGEmeEdLBgre%2F%2BawVFZmlZ0TyoHX8B7s8YAxkqp4yN9giQ6LD9SrQYPdeQnjPTJroosZDb0WKGTdOlAofAB9hq1hFi27lm3ACIJQpNOJrr8TQecExez7xmVjSM4Xjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6bb9962c7ea92bb9-FRA

GET
H3 200 / Show response
m.kooora.com/ 16 B
804 B 96ms
96ms XHR
text/html 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/?vc=true&_=20756890

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7eb1552a582c0f5ac5b3b39dc87e875d06e57ccd882947afecaa199e5c7f95f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hEQy32PlTsNAY1yLBX6ruIk3qVrP%2BpkYEksYNQJ8yEEBvRvOaD1XcrHhyZEZo7dMjZPJaPe%2BtO9s7AC48fVdbf7AgBcHc0T5OGHBwwqkuLJc9IqqWh2rfU5RLFpdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6bb9962c7eab2bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 10 Dec 2020 21:32:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
47 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4af97b73cce56b4e1b2ef060fd79172372bd274c95cea97be3a351cffa8fbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47808
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 21:32:34 GMT

GET
H3 200 tc.json Show response
o.kooora.com/ 2 KB
1 KB 44ms
30ms XHR
application/json 104.18.9.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://o.kooora.com/tc.json

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0a43739be134268837d1a509a7b6c34a79d061417ddc87b99c8cc73bc6796bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194477
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Jul 2020 13:03:06 GMT
server: cloudflare
etag: W/"0a1c7441664d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXOymas%2FakG6QD3DwHbz3LpuTrpSZIWhq0%2BROTB8Tk%2Fbd94gwwZgWym15luE9f7JRHNFzRrHlF%2BVgUBqLXOEo1gzIcFVgzAqt2kSlU5PboE9IySDbr8MbL5fjKJEPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6bb9962c98491782-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 tn.png
o.kooora.com/f/ 575 B
1 KB 42ms
41ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/tn.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887c8a17ad5826d0ec01041178bbce07b5d9a23a5ecd7dea317d6ce3799025cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 575
last-modified: Tue, 27 May 2014 17:10:12 GMT
server: cloudflare
etag: "de98485ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfPsK7zfhlLeVY1iX1CUIxZlQ6GjNQtxW1y5hBjj9BtoFc8MR%2FWC4L0CnbLHj9S8jwLJfn8g%2FF3%2FNd4OuNO1Mp0%2Bw3KqOMbbsGBXfaCbS4vnrMqOBYMJa87bpIuNkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8eb52bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 om.png
o.kooora.com/f/ 453 B
1 KB 25ms
24ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/om.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c35fd853d67a12a2baff52c8880a9c64d1c7584cbc7fdc2647c1b0c4de7eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 453
last-modified: Tue, 27 May 2014 17:10:46 GMT
server: cloudflare
etag: "86f4c099ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1N2orA2oxpwhjpjhqNq49KFS3raE9QNx1oF9LAIODpv0lgsUMXYJuwmYuhNwjo3ks4r7MBqcR7DQegd3llhDsF7dtQV2Bi03SltNFxIpY88d36YNkHbkNoueaQIgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8eb62bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 qa.png
o.kooora.com/f/ 506 B
1 KB 27ms
26ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/qa.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b196ea8285409b1635667440b878cc9f30ae3e4b5ae01f8e172577f4664f709

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194395
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 506
last-modified: Tue, 27 May 2014 17:10:33 GMT
server: cloudflare
etag: "ada0e92ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjqv%2Bo4O%2BrsbFg9xE%2BZ7iSXetYlitFBL59hVbOgZgjM50Bcxo%2BvotD4WwsUSGcFmON3WvxXJKXmX2sb8yYP9YJmEhbiNhI%2FnxbU%2Fs316VtfECIKBq3%2FF86YqIGJGPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8eb82bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 ae.png
o.kooora.com/f/ 130 B
763 B 27ms
26ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/ae.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b566e742881896faf57be8e03785b8bc41c34ce6e496e28dbb067fa8bccce0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194490
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 130
last-modified: Tue, 27 May 2014 17:13:05 GMT
server: cloudflare
etag: "9e58a5ecce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pDdT9xc%2Fn2Ow0cqCIcnuebmkRlznLB%2Bhr4EvZZdoBfqDwlL59vnfjORoLNXUyll9g4TGBmRzDQML8bE57L%2BweSObKQVYQt5ry0ARtYgghCKL9hw4h4jguzt5uTddQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8eb92bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H2 200 /
img.kooora.com/ 31 KB
32 KB 36ms
26ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ohatta%2fteam_logo%2fasia%2fsaudi_arabia%2faltai.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cc43b5bf93cd3ce4ff97572e985d4218bc87099ca17111badf92b52e7c540a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5381538
x-powered-by: ASP.NET
content-disposition: filename="ohatta_team_logo_asia_saudi_arabia_altai.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32101
last-modified: Sat, 09 Oct 2021 14:40:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD7nbR6d7ZEsx6onQyEQrNh6GTKaVDhB0vDL9soLcuQ7P3xTlFX0vBtD0Hxw4n5l9Hw%2FlsfYBlfMd6X5PG%2B0O%2B4OaAlvBFQhwNXqisK%2FAZjtBFywGItkPzzA0jVKKTzX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c99855b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 38 KB
38 KB 32ms
23ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2ft%2f0%2f146%2fal-nassr-1.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

85d7ce99c10a78e8b4efa1d58b4045b9333c6a3fee2e6285a1d0fc1f02487773

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5383021
x-powered-by: ASP.NET
content-disposition: filename="o_t_0_146_al-nassr-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38751
last-modified: Sat, 09 Oct 2021 14:15:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SS3HVX%2FQ999dgYQhB6OHHtLo%2Bk93ubKYgyO%2FUPpHdmqy6YINtZynF7f46uvexU9QU7TsexPsMTfQij79ZeVUiEVwGLuJR%2BRZ6qLp8IXr5axatWPPQ86s1b1h7NC0cr1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c998b5b62-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H2 200 /
img.kooora.com/ 29 KB
29 KB 37ms
28ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=teams%2fsaudi%2fhil.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

efbd250e25ad97b508352818ddeb07cbb64bdd6cc38872ac85b24b8c3da15b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5383022
x-powered-by: ASP.NET
content-disposition: filename="teams_saudi_hil.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29383
last-modified: Sat, 09 Oct 2021 14:15:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVbaIjIYmZg0d9wi4OffTuPNHYeF4jzw3d%2FhMHUoFNQzEtoBekesFkntFK%2B6Etda1fw47LBt5wAOiUO%2FQm%2FSCQDqVXS8lDt8Dg8FHJpDgbJOVbrKoId4cY3Br%2BIPmjwl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c99875b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 34 KB
35 KB 55ms
46ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2ft%2f1%2f263%2fal-fayha-1.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

57c05ed054c7020638702409fc407168645e68ddd1b42a2e5f7304746ed2f39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5383236
x-powered-by: ASP.NET
content-disposition: filename="o_t_1_263_al-fayha-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35265
last-modified: Sat, 09 Oct 2021 14:11:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kYqaA%2Fupa7iq6OXKULSis0JdGpaAwBCSnq8TSi4fU%2FlN%2Bd52aTdpCFDl2TPI5I%2FyOUzUL%2Fg01o0VV7TtPCgoLgEZY5G7Risz7Cw0LKULiM6TQlV7Q4%2FUEOcu1mNoqNz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c99845b62-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 Arab_Cup_2021_320x100.jpg
o.kooora.com/mq/ 19 KB
19 KB 33ms
32ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/mq/Arab_Cup_2021_320x100.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc8d2b565ff091beec72fb611754ca213d29256cf2cd897a41e67861d5911be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1425377
last-modified: Wed, 24 Nov 2021 09:34:26 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19150
cf-bgj: h2pri
server: cloudflare
etag: "40daf47816e1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhfX1Dk4kL%2FV47thWq6utfqvkZkSrEjzkgebNWMQgFUdgC68zaLbIRxP%2BzQskJL6dJ%2BaZYbaNuxhMz0O5u%2FH3BmNgxpC%2F9oHw6gLLfF0fe1pHkXtiuJNK8Ljwo46SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8ebb2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H2 200 /
img.kooora.com/ 19 KB
20 KB 31ms
22ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-11-20%2f2021-11-20t124821z_1799164673_up1ehbk0zkj3o_rtrmadp_3_soccer-england-lei-che-report_reuters.jpg&z=320|240&c=27|1|773|580&h=5284

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

40dedae70490ed1a5bafc9193040cd6020256dbcc92740843ada451c89bba95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 22022
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-11-20_2021-11-20t124821z_1799164673_up1ehbk0zkj3o_rtrmadp_3_soccer-england-lei-che-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19860
last-modified: Fri, 10 Dec 2021 15:25:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWpGLWUUSws3SXDWZQ5MJbUk2AidqKrL%2BVPmTbDcRoVePWFRnI95%2BSCk0fEcAcStDeD97yn0tfT2AaglB4UXIguovz%2FszcS0gj62OysaJ2Gb3aK9nFa6fXx9D1%2FQoiSW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c998d5b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 9 KB
9 KB 62ms
53ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fkooora%2f2021%2f12%2f2021-12-10_164020.jpg&z=320|240&c=94|0|604|453&h=3510

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

886ee5cb817f28aa1b0fc7a74fb68e1b9faa01da73a269eff1d0d2b655033168

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5425
x-powered-by: ASP.NET
content-disposition: filename="omar_a_kooora_2021_12_2021-12-10_164020.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9128
last-modified: Fri, 10 Dec 2021 20:02:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WE%2BuEXgoi%2BGYFcIRmrZ5WMWd0n%2FB%2F4zrqIQ1eku4kKjTWPnKvoJHQvgZnU%2FNPiRxZt3TY1XEp7u6F3mKsnKSPJJ29TyU9Q5%2BfIyQCpU%2FSURhfOqRL0UsmlwLJuYmZkmo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c99885b62-FRA
cf-bgj: h2pri

GET
H2 200 /
img.kooora.com/ 9 KB
10 KB 25ms
21ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-07%2f2021-12-07-09627638_epa.jpg&z=320|240&c=36|0|709|532&h=8076

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

84cb6087d92e5b741b0e7205700bf73268d322f87a1c8c4efc607bdde4bc4ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 17922
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-07_2021-12-07-09627638_epa.jpg"
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9404
last-modified: Fri, 10 Dec 2021 16:33:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0Iv4wjguA8edZZgrbGrdD%2B%2FHLDMVU0kaFt5wq5aDlwadVzBFvBpIIWPSjGZK9PcAvRbHJBIvCD9B97WEuzc%2F1WmaFS7Imt9qvkvKNDArLXdkbLPuLhjxMjCb1IfmhJl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cb9c25b62-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 jo.png
o.kooora.com/f/ 469 B
1 KB 40ms
38ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/jo.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d25f5406aa06cd237403d5cd9da189aa8a12a4877667e118905617210d3eb45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194477
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 469
last-modified: Tue, 27 May 2014 17:11:45 GMT
server: cloudflare
etag: "c9decbcce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShEeLUAYD%2FCvVkBGETYfhpkkiH2NfJBpeTKyw7VbDTia0qpAC0zLz11XMo%2BCz7mZeXw9PCDcndTQyMktNUvnEz5fLBo%2BFtuFbCwwURMrj2i%2BM2DcWTNdkJadwZkCaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8ec32bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 eg.png
o.kooora.com/f/ 389 B
1 KB 29ms
27ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/eg.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

737c272ee31ce3176d4a2509754da320bba871c9c14ba4b4ef73e6dd3ba31979

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 389
last-modified: Tue, 27 May 2014 17:12:28 GMT
server: cloudflare
etag: "b5d2b1d6ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoZx1PSahqg5ZyCbFNtKhsIc6lnO%2F%2Ffn5qzlc9eV1TlQhnTvziJVD8dBWw3C7SRyh7C4Lh9dDMopZOPz%2BbBR3l7gQF7kVNEDMB4IABeNb7UBVQMNlFA%2Ff5pWYxP5Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8ec62bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 dz.png
o.kooora.com/f/ 434 B
1 KB 40ms
38ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/dz.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ad7ef5b85d7ec6ceae5b36eb7877492cabee217312cd4a41335bf9773e7039

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 434
last-modified: Tue, 27 May 2014 17:12:32 GMT
server: cloudflare
etag: "6181cad8ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWPivOLi%2BUlnWh1mvgbmMkdEe%2FR0jhINqNxt9HjUkOwTxWh%2BqKRNs1Q0HI%2FNegi7gzxnRJdhlRxgeBrPdBNVgoZn3pAVehfrh1ucyxlcarzTfJzZcJMjs9sNruUlwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8ec72bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 fr.png
o.kooora.com/f/ 118 B
750 B 26ms
24ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/fr.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

271d5cca1017e13cecf9cdb870d1ce2c01c9fe0385c6a5411e43de77d2706cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 118
last-modified: Tue, 27 May 2014 17:12:18 GMT
server: cloudflare
etag: "cb373bd0ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVt9aPJ9j711JJqayIOdf3BvUU53plaLdNn1hjAKubj5evjth4UcnCGjp4YiwPKelzZeC%2BKTV%2BE7KFWWYuHojveulFoUIlz76y28YZlbzpPHQ2gzgfsEhCPn29WRQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8ec82bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 31 KB
31 KB 37ms
33ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2flogo%2fuefa_champions_league2016.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9bd5a96b3bf2da045675079d1b905ede92d51b9bb502cdaad51640ca784544e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5383302
x-powered-by: ASP.NET
content-disposition: filename="0safi_logo_uefa_champions_league2016.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31296
last-modified: Sat, 09 Oct 2021 14:10:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBQiGZnJ5x%2FwZ0X9Z2XPnjP87al1V2Ar1vELd4M6gcd0zYhQpXBcFJ3D4ud10Pn7oUyq2LoLanIto245Ex810n%2F1rC%2FnTeqrluVRBQkweQ1uJjyG1XajAQ2GeiDkOFB5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf352bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 30 KB
31 KB 52ms
48ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2flogo%2fuefa_europa_league2016.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8cc0abab8d68ea86aebf5b06f0eec7e462beca04228de9206cc1a8853a2708b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5382118
x-powered-by: ASP.NET
content-disposition: filename="0safi_logo_uefa_europa_league2016.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30652
last-modified: Sat, 09 Oct 2021 14:30:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0hfH6E8vVq2Z8GVjClgwQRhL%2BjcWh%2FCmr4B4tz6fci1pfQrdl9ErpTxI0edhdx2lzBF4LC0CcQ9FMlRijx3j6oL9ApbrnJ8wBPV9e5P5C6aZloppzuUmJoXQqZJXvi9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf362bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 6 KB
7 KB 52ms
48ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f21%2f441%2fuefa-europa-conferen-1.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

512b69dcc4b7ce2511220a14b3bfa835e772d5837ec68af4965ab6dc8423e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5382118
x-powered-by: ASP.NET
content-disposition: filename="o_l_21_441_uefa-europa-conferen-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6564
last-modified: Sat, 09 Oct 2021 14:30:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPClN6nXGvffZaqRZHnbqC%2FLawMN9VTSoI%2BCsLo9azJYDdYwRzMNgFuSytp02f%2FEYzKE%2BS4rHEN1UUy0rvM8TJ6Xx%2FhoBoBg9sQvGICSeTNsj2zJ1TaBSw9foI7I8fpU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf372bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 6 KB
7 KB 52ms
48ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f21%2f883%2farab-nations-cup-2.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c7333825d97e65bd8b6c312d53204967fe922cfdbfe800e1df91aefa1181d797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 1818664
x-powered-by: ASP.NET
content-disposition: filename="o_l_21_883_arab-nations-cup-2.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6253
last-modified: Fri, 19 Nov 2021 20:20:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FALom5oct%2F6rk1gjndr2oJmf4tpNg4RPAfa4lqKEWnvdvEBzTDkeoiVJSsYVv443hioTE5tlpsk51Tc3RGiCJK4JxeMxpNd%2BJIhwBTVV8nzETcuHt%2FzCmCH%2BN8MazRH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf392bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 27 KB
28 KB 54ms
50ms Image
image/gif 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=ohatta%2fchampionships%2ffifa_world_cup_2022.gif

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

48995f4d2076f91fbe22f2748c20d3101213adee5e0bc7345010a1b7ff55ed70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3714712
x-powered-by: ASP.NET
content-disposition: filename="ohatta_championships_fifa_world_cup_2022.gif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28083
last-modified: Tue, 26 Oct 2021 08:20:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvPFGQmrH8FNSVKWxwOkcn5r103XTjOArzS2d3pa1LJxWX%2Fz8bekNyhV22zj%2BCKKZAVX6yR7xd9cDn3474mCglSdVz2Ld7IYDdkZNZ0lYUcs460GQYiEfOiyOrLzjOSY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf3c2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 30 KB
31 KB 99ms
94ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=0safi%2flogo%2ffifa_logo.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

dce539a0c31f48ae62714b74b82d08d27555ae0d5380147923b3cda74d50ece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5383039
x-powered-by: ASP.NET
content-disposition: filename="0safi_logo_fifa_logo.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30863
last-modified: Sat, 09 Oct 2021 14:15:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pF5htsb3yP3%2ByHp82g17tTDh5b9aj1uyDdX09p178N%2FLCCaUZhvotcopoQWYcbMoHLwQf9lCv6nOP4KfxrmACYy%2FLVR3VyC1C7ei1RPHiDXM05aoukdx3ybRNg6gUDwC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf3e2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 8 KB
8 KB 62ms
58ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f21%2f380%2fworld-cup-2022-1.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f4b474ac791a8d6bfa3202df5c799386069f7692bc555341bc2b97ca7f62a09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5383765
x-powered-by: ASP.NET
content-disposition: filename="o_l_21_380_world-cup-2022-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7724
last-modified: Sat, 09 Oct 2021 14:03:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17Nd9pqP1Cqn6gfl%2Fd4%2FgeQ%2By3i3cNi2E51esR3PNQwhhX%2BXOCDhgztxY8P0EUkXf%2Ff7KTCTudXlJuOMQyENTvP4nlCrXCzA2ROCXY27jKvBUslSHmhlg7XkxEdxF0uT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf412bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 20 KB
21 KB 62ms
58ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fafrique%2f2020-07-16_133023.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

28cd77f1998ccbb4b9803529b9d9c82bdcb0b5955958af87e3231ec3640a1e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5383768
x-powered-by: ASP.NET
content-disposition: filename="omar_a_afrique_2020-07-16_133023.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20434
last-modified: Sat, 09 Oct 2021 14:03:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atbd7yx%2F5y43e6kBXsBquesvkf68lfOArHpz0Nyj81F3NSkNTdRh%2Fn9HVkPWUDvHoTfSWSAMpOBI%2FmLUOliJNmceJh%2FROwLQDHR%2FaCjzHllv5t%2FHgD%2FTQYWYdv0lMV%2BP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf432bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 7 KB
7 KB 63ms
58ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f23%2f107%2fmaradona-cup-1.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f8b7e7da391617d667319a9234d029f8b811347f3b15f6cca097ab2048dd09f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3712170
x-powered-by: ASP.NET
content-disposition: filename="o_l_23_107_maradona-cup-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6871
last-modified: Thu, 28 Oct 2021 22:23:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4Fka03WXeKN7F5Zke4%2B1AThv24sCYg8RLnoVJyVzMdnKHFnnoRcYMqyEtMwEzr7o4GyMdnwk%2BQI4op4tfHuFnUS%2BCtuvFec8mG1nhnH4GjeXA07wcBlNkX%2FfBKBFcyt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf452bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 5 KB
6 KB 64ms
60ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=logo%2fsaudi_cup_2019.jpg

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d90089c8fc8f0daacb8b0a1e616b8f546eac289f26bd63a59eec8e554a9427a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5381922
x-powered-by: ASP.NET
content-disposition: filename="logo_saudi_cup_2019.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5575
last-modified: Sat, 09 Oct 2021 14:33:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDCFdVYvhWrW4LI8Y5Ad020%2Bs2xD%2FOdr8ru1mp%2B1pQLq67NH4GyPOvWRqKTiudK%2B7KFw%2Bbq0nbVZjR1%2Fs2K2pMr%2FvCb5swrCOuC7Xc59lImNNglUwo5ee%2BvDP66pevc5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf462bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 6 KB
7 KB 65ms
60ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f21%2f873%2fuefa-womens-champion-1.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

05eea0ee05b5e72cee07437ed8d3ca617018bb34918176f47120b9d2241b5f56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 3762329
x-powered-by: ASP.NET
content-disposition: filename="o_l_21_873_uefa-womens-champion-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6252
last-modified: Thu, 28 Oct 2021 08:27:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCSPCAre2wsjCd8s09tCFFbTykT4nvMGD391TnyUYSSJn4E0GRfSWFFilokcJmbBRE1QaKUxbhRbNG5ngzzepyY7msncs3gs%2BaRr%2BBjl0%2Bc9UtiYQvS1NMKnYx8nLlbZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf4a2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 7 KB
7 KB 95ms
90ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=o%2fl%2f23%2f207%2f3rd-gcc-games-1.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a2f75d1620f82477cb2c241eda6f527f531ed6c57fbd60317ca811f69f3e9ceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 2076113
x-powered-by: ASP.NET
content-disposition: filename="o_l_23_207_3rd-gcc-games-1.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6785
last-modified: Tue, 16 Nov 2021 09:10:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUwR1fOzQljokJbeDxl6j8ieUUAaYsDjOijzfqAgbgKBelaeaT9uYmIhZwe8JWfpyYNT%2FrAjVD4Cj%2FIDkGb7d%2F%2FVGaH28aWY1m%2F%2FxB1tcstZMP2uxklrSMXvXw45eaPx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf4d2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 all.png
o.kooora.com/n/ 12 KB
13 KB 37ms
37ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/n/all.png?v=7

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/ms.css?rev=191&ch=5761

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9487510c4ac595f55eb9df4705241a1edaceb92201b421e15e6056105de1a918

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://o.kooora.com/ms.css?rev=191&ch=5761
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12302
last-modified: Mon, 11 Oct 2021 08:29:20 GMT
server: cloudflare
etag: "0b04a167abed71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fAiC1RUGxNymbhuX9TCKRgEVO%2B3S0FK4cmOLQ1FbIDBcqBZeryNcSqKwuo%2BpWdSHMEsZPyF6CfYhZ4iAELMPwBJJU8FI8XRg1n4akeut8kopcsHbO7NHCGEsf082w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962c8eca2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
DATA 200
OK truncated
/ 806 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de3b7e01aea0bd98d6d26ecf3123bf335692cb50664dd50031783d2adcc5841a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 65ms
60ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f317%2fkoo_317590.jpg&z=120|90&c=23|0|533|400&h=2201

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9b88ca73616fe13e69a7dde9864abd56f21fae525024d7f603584e60517ee22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 1897
x-powered-by: ASP.NET
content-disposition: filename="corr_317_koo_317590.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3940
last-modified: Fri, 10 Dec 2021 21:00:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbJou6RqCsEE4z8bkf5hp%2BzSi%2BNVAu%2FHCbNcEKbaAJ%2FAoJXOANytaH68zsfEKwKB%2FMLQYUDIH%2FmVBkcL5e7QvCYHkYIBVKo2KH%2FERaljmoJA%2FwJZI8san0N60GCQPqQn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf4f2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 66ms
61ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=mhmed_aziz%2fjanuary%2f1%2f1%2faziz_2022%2fvideo3.jpg&z=120|90&c=132|0|682|511&h=7123

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

67c18a2f6066397830a4d55dbaf6643233125679100320c4eaa8b23b6ae36603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 15874
x-powered-by: ASP.NET
content-disposition: filename="mhmed_aziz_january_1_1_aziz_2022_video3.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2107
last-modified: Fri, 10 Dec 2021 17:07:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89bDDwxLjnWtUVWL8Si0LQZkADNwDbtgf05991pJuO908oN7mw2xHYMTWS3c5SA8vr2MbWr9x6b79qiP%2BcP3zaLF6izJZMxmo6WcfUTIU0AlvsVrQQ4fdvhgBuI0htiQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf502bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 67ms
62ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-11-28%2f2021-11-28t113524z_988188348_up1ehbs0w6y5h_rtrmadp_3_soccer-france-ste-psg-report_reuters.jpg&z=120|90&c=112|19|653|489&h=9401

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b2e04cfc57b95d02a1b92790f5e6f5b2cb22aea26ae95815149fb181d2325928

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6191
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-11-28_2021-11-28t113524z_988188348_up1ehbs0w6y5h_rtrmadp_3_soccer-france-ste-psg-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3897
last-modified: Fri, 10 Dec 2021 19:49:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSpUi3K%2Bw1dwlO1fycq8MYtDXUaIzXQa%2FBZcyS4PAJNmiZvgrj52WcAekJriBcfRUAOArFSHoc3DHnGbEOr%2B7LLkGvOSo8lnLsFaPdYbEV%2BtwOcoSRF%2BLxfWPqIHr9Ev"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf512bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 67ms
62ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=sam%2f263835271_453571819756175_9056235698873781470_n.jpg&z=120|90&c=201|4|951|717&h=1111

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a7bf159df754b42dec8b00f78199a3b8eef5c02b804a40e664f6e5ebfadb6baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 42904
x-powered-by: ASP.NET
content-disposition: filename="sam_263835271_453571819756175_9056235698873781470_n.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2864
last-modified: Fri, 10 Dec 2021 09:37:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Je7XnP9Ik6omv1Ea52ZTYKJXCdXxLA1IQq2ryA63cCddMJHaP5g3PcuIh1bJWXKPwgavNXWJc5dnxlNLT3j6IUZAIf3Nc1vBk%2BHnYjR7kwLiIWoGwOODQ2O%2BgoGcSMmr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf5d2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 67ms
62ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-11-21%2f2021-11-21t164056z_1912908782_up1ehbl1ac7ms_rtrmadp_3_soccer-spain-gcf-mad-report_reuters.jpg&z=120|90&c=0|0|727|545&h=4360

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2576495a051014f4266d58af681327bbf5834626950a5981a62f336aebaef659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6488
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-11-21_2021-11-21t164056z_1912908782_up1ehbl1ac7ms_rtrmadp_3_soccer-spain-gcf-mad-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3030
last-modified: Fri, 10 Dec 2021 19:44:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2IKpPlwIqsnJJjhgpQIOP708h3gz0QS2whDMDsIzBRjmILEz2qCtLIIM%2Fyww3Ny27nIhFulk7hBM%2B0%2FVcz22oMC6o%2B2u7aRozv%2Fh9Euwg5zdwUJRxSvDXjoPnja3caA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf5f2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 68ms
63ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=m..m%2fno+comment+ladies+09-12-21_thumb.jpg&z=120|90&c=154|2|951|719&h=4620

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c804a87a8ade10d10b47f130305c38a4d5086bbf6e2200c6340cb53f7fd6bd51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 26890
x-powered-by: ASP.NET
content-disposition: filename="m..m_no comment ladies 09-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3009
last-modified: Fri, 10 Dec 2021 14:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEKXOqS0qWsMckMg0q1ByychY3fnkBYfMYbe7LxrkBsA%2FClwNgYzMoa0gyKBzOpNvH4r7%2FJBMrihVeDExzG6N6tq237ttwm2zlh2EMaxMcnSvpcLWtQ6MqHaMep4SR59"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf602bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 68ms
63ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-08%2f2021-12-08-09630512_epa.jpg&z=120|90&c=56|0|741|556&h=272

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7658faa4324e27c7a5d18fed211be1bd4810ee2b0dd24c6e4d3fc154695793ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 17977
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-08_2021-12-08-09630512_epa.jpg"
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3032
last-modified: Fri, 10 Dec 2021 16:32:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFtGAKWv%2B%2BQYCgOxp%2BRzgnqgCaFDTAMWXzoh%2BHKg2S15N%2F0GxXFwonzK0WcMmuW61zTgZeCroqnACxc%2BcNwkvhCkNrl1Mmszw7TCNRgHLmwcZ%2BQKPc2QrHiojfr88Vam"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf622bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 69ms
64ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=rekeb%2fspecial+mbappe+ronaldo+08-12-21_thumb.jpg&z=120|90&c=147|4|947|715&h=1495

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1917c3076ef0d8345adecdb731cf891e71b907654f77a41f04e55225ffa3094a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 91604
x-powered-by: ASP.NET
content-disposition: filename="rekeb_special mbappe ronaldo 08-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2906
last-modified: Thu, 09 Dec 2021 15:00:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2B709Pr%2BKcT1wC3ob6JmFGDV5OIdViqTyqvumkBqsper%2FwPXH5Tg7yRGjmx0Wdq0rOalJtE140DK3hjurmd%2FooFY92z9E8r0z13It1ReAWh9vX4P8cNicN081K7xjKAF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf652bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 69ms
64ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=omar_a%2fkooora%2f2021%2f12%2f2021-12-10_180928.jpg&z=120|90&c=64|0|737|552&h=6862

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

95be3318d30d9a461e9cd5f20add883f030ddd8dc49dccdab456c2be5650140e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 15706
x-powered-by: ASP.NET
content-disposition: filename="omar_a_kooora_2021_12_2021-12-10_180928.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3985
last-modified: Fri, 10 Dec 2021 17:10:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYwQVN7XrDlh3Srje1UyPecINeBYYFqm3yWpbERwL1ke0G5nK3YNMVmNXsrtnlQOxNOO5lQFWwqINWORZt8Xu8nHBFe%2BodpXk2b98AWWcnhgdZk2vFgxnN3lYUIVKyVj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf672bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 70ms
64ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=amr_world_cup%2fno+comment+lenglet+09-12-21_thumb.jpg&z=120|90&c=150|2|742|560&h=7328

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

84b42eeef83a661cb1425a83a39f0b7d70ee4aeb203571e3b8dc5b4f8241aaae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 91642
x-powered-by: ASP.NET
content-disposition: filename="amr_world_cup_no comment lenglet 09-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2423
last-modified: Thu, 09 Dec 2021 20:05:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hPMIKa%2BpLrPybegFj%2BbmYZhhMheZoyXy8tmpea6wgBTif2EmxOCUYbFPMqcH3rMju%2FK51N91qbIKY6ThXexIffvh2ihUzbgJ5WjIBsQRZPrnKg4UBshn71JmocfaVzu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf6a2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 70ms
65ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=dahake%2fspecial+hakimi+08-12-21_thumb.jpg&z=120|90&c=209|11|941|708&h=3935

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

00bb761953644ab63c368b233f162b98e3441223897b35d23bc803e8048a08b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 126510
x-powered-by: ASP.NET
content-disposition: filename="dahake_special hakimi 08-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2606
last-modified: Thu, 09 Dec 2021 10:24:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th0VNjq1dJjPlZHsNu6pRvWcM9un9PP3h55qkYECjlXPlcy6v5ZIBrocn9ZEhjaCV6pfJ%2Ft02axc7tMkfKL%2FPKyYRsxZaYY3Y5hJQN0QHLky7BeI0libZNfILY%2FoTnpi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf6d2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 70ms
65ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-08-14%2f2021-08-14t202928z_415991335_up1eh8e1kx3xo_rtrmadp_3_soccer-spain-alv-mad-report_reuters.jpg&z=120|90&c=0|32|800|600&h=5007

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

442a6413460d62f9a1dfc49104791af603a3a40abd296f7783b147b57d106cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 20167
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-08-14_2021-08-14t202928z_415991335_up1eh8e1kx3xo_rtrmadp_3_soccer-spain-alv-mad-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3058
last-modified: Fri, 10 Dec 2021 15:56:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byvnW8Vfj4lTi47Q0zasEJTq1ujx%2FsenYAm03897ZcfyElv5XhndbH0Iy1Saoq1epGrW8ucQbnwpqY%2Ba2dv451kWCcsPwT4%2FLAvinS%2BULARoEcIP5HWtpJtAf95f5%2B91"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf702bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 84ms
79ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=rekeb%2fno+comment+riqui+09-12-21_thumb.jpg&z=120|90&c=164|11|937|706&h=7478

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5556c9d3ed8ddf883df866105d1c9a09931532cdbb4e9b9dfcbc455aead7bc4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 112809
x-powered-by: ASP.NET
content-disposition: filename="rekeb_no comment riqui 09-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2251
last-modified: Thu, 09 Dec 2021 14:12:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOG9HnUXYtnGRb1r3%2F3cmtbjMWYK70vBGpXIadYzghbj7KZlcjNzr2HEyKjGg7M9c37i38Wlq98Kavs4UCCmeA98qPz8RG8Gwg8WdmE91mP0aDUVT3nohWp0qcubwcSG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf732bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 71ms
65ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-07%2f2021-12-07-09627763_epa.jpg&z=120|90&c=33|9|635|477&h=8625

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b22967a462d6c2e92676c0fb62e5c9a111dbde1a7b7e13643d52681e521c8d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 28108
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-07_2021-12-07-09627763_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2904
last-modified: Fri, 10 Dec 2021 13:44:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pG3F8T9bdHfROdnUqZMCi%2FjdR1U3WYtkNu36XirqPNEYk1xr4yDPfmX6WXHziq1URDWxoJxOiqV%2BLRqCcOm2BqseB0K7YYCgKDdAgfj1oqV%2Bqqb%2Bqti%2FLf17MOcJS6z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf742bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
4 KB 71ms
66ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f317%2fkoo_317608.jpg&z=120|90&c=0|128|600|450&h=3042

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6728dfd11a3888af716fc08a49897f4b56514ecb3a8a053eab560996750ec9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 226
x-powered-by: ASP.NET
content-disposition: filename="corr_317_koo_317608.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3005
last-modified: Fri, 10 Dec 2021 21:28:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7AWlE%2FjugEyjvd6evBjJl%2F3Em%2FVkG4Dx8eLnOWU7pYldrAdY186fvFdpzIF8G0jdP%2FUASKxrgkYDsDuqBsklmAyRJPAZNOr5qXqsKkm0hY1WWqiZZ%2BrQaEXWFkgM4wG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf762bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 71ms
66ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f317%2fkoo_317593.jpg&z=120|90&c=43|6|520|390&h=3086

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2f07d434d18dde705e4d229e082df2ba67389e7b957c67ac9f7431903530cad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 352
x-powered-by: ASP.NET
content-disposition: filename="corr_317_koo_317593.jpg"
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3976
last-modified: Fri, 10 Dec 2021 21:26:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4K%2FgGrE%2FzJMtG36QwRGhk%2Bf4%2F2%2BNEhLqyLJ9%2BFee2mh1yBhZjccb380ahv5KIHc1clQR70k70qt9C3fNaixwDOWUisD1OoufH969RpQ4uaSTWYj4WPZohhMA8uXIqkGd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf772bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 72ms
66ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=corr%2f317%2fkoo_317607.jpg&z=120|90&c=7|0|555|416&h=5055

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b54a8886d9f985ab5660c3881cb9808f22a18751888e67670104ea08cb691028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 1186
x-powered-by: ASP.NET
content-disposition: filename="corr_317_koo_317607.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2754
last-modified: Fri, 10 Dec 2021 21:12:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=up64N%2Fl%2BayraFBF64AqB3p4cHd7Egxa%2Bl38EkR5BCmQsoPin%2FuiIi%2B%2BdsV3Q0%2BrbnKOpVNg4iEDRm%2BHYaq86R4fpOf%2F60oa0Mebeao9mYQfNsCSLhQvbPm3sqNLUKBO1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf782bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 72ms
66ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-11-28%2f2021-11-28t191141z_1467909245_up1ehbs1hbf2p_rtrmadp_3_soccer-spain-ccf-atm-report_reuters.jpg&z=120|90&c=41|0|703|527&h=3426

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8c1f19c443a7857020dae79c3dd93c080b171aa195764edac955e2874ca9ee27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 6367
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-11-28_2021-11-28t191141z_1467909245_up1ehbs1hbf2p_rtrmadp_3_soccer-spain-ccf-atm-report_reuters.jpg"
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3972
last-modified: Fri, 10 Dec 2021 19:46:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4q%2Fjk5hzh7fsQSU%2FhOKeQcArxtZ2kd0kXhKAtIArGBkncIuzDARPN8VuP6iujuytXxU3m0BDwZopw64oU3v2yJUB96QUdwcLZXfRwFXV%2FNDB9hVOvRImM5cDEAyMlcx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf792bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 72ms
67ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-08%2f2021-12-08-09630187_epa.jpg&z=120|90&c=19|1|713|535&h=7284

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7dc6b49c4e75071949a8ffea55c79ff40bbfb38a6715c69fc0c6f24df0bf03e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 17399
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-08_2021-12-08-09630187_epa.jpg"
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3987
last-modified: Fri, 10 Dec 2021 16:42:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3QqZP%2BHJvOhJpQZqX6jmlx6xNFGxUEbWWC0nKw%2B7GEHhkrWugSrfwWkTlfF9uYe7U0B0rIa%2B7vz5IDPYF%2FjDAGkToYsWm%2FfoyED8GHqir6FjnCwk724Cnw07xwPzEUm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf7a2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 72ms
67ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-08%2f2021-12-08-09630225_epa.jpg&z=120|90&c=0|0|720|540&h=9512

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f7f57ec5443d426fffe6ed09259a322132ced497e3b0418f49ba346f286cbdc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 8266
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-08_2021-12-08-09630225_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4331
last-modified: Fri, 10 Dec 2021 19:14:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIWDy3S3jMhd9P0sIyeaP%2B%2Fkc%2Foh8Vy5zxnEP48Esr1mvdRKViDZY2pV892wAzQXDOLaAUCCAw0n6rzkXw%2Fq%2FCbg5zZeAnDgMPm4PXXdj877rtVSEHlUaDmskQ5IJeTo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf7c2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 73ms
67ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-07%2f2021-12-07-09627643_epa.jpg&z=120|90&c=61|0|676|507&h=7084

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

44ae51f7571bab9061d6b5076324e606550e8262b50dbf965ff1aaa50f435e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 11673
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-07_2021-12-07-09627643_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2216
last-modified: Fri, 10 Dec 2021 18:18:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tZZ%2BwL%2FcmjsMIvkkeCrTDkHW5WgZjhk%2BJ3Gqq5AUVf%2FSmZHhum9aQxnoprgxfAp5IziQ2HsExgq6RrcgNL6sFYkVbG%2Fazzud6IYm457j1dRSW676bpR%2BEMULdnFPssA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf7e2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 73ms
68ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-08%2f2021-12-08-09630392_epa.jpg&z=120|90&c=0|0|764|573&h=2051

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ff24c1186799f34e1ae4507f08c3b0f9c0934dba05efec8f90fa7394a6342e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 128193
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-08_2021-12-08-09630392_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2574
last-modified: Thu, 09 Dec 2021 09:56:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAip6BszQTRMH4%2Fxh7rkTrs%2BC5aj3NHvv3farah6ibFhobb%2BmrqESoO0%2BvOOQ%2BjjK9L2nYmnOvqPHPPHy2wIPb2dLbAbYeKPsoNMDDUBbRJot4xnEjn6sy%2FCCO7VeQra"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf812bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 74ms
68ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fathletics%2f2020-02%2f2020-02-26-08251014_epa.jpg&z=120|90&c=49|0|528|396&h=7388

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

76fa41999823d6407034456f61eb86b60fda33ee5d02d3d518c656930db6d74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 756
x-powered-by: ASP.NET
content-disposition: filename="epa_athletics_2020-02_2020-02-26-08251014_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2786
last-modified: Fri, 10 Dec 2021 21:19:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWbFGFTTWs%2BhRtRfTcJKiN4RScEvxrpm7tJPFMdTw%2FQjNJJ0mHY2HpNIhmk%2Bd0gSVgNLe8A1YpKRYHAsNt5aga6xcWi7SyKaBoEhbTUFclVQJ1R3RfyOxj3%2F5RqWZ4LU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf832bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 4 KB
5 KB 74ms
68ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-11-28%2f2021-11-28t192442z_888178052_up1ehbs1hx53w_rtrmadp_3_soccer-spain-ccf-atm-report_reuters.jpg&z=120|90&c=128|0|672|504&h=3362

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f9a36d1d0744eb1e248117b7514eae76f7082654ee3707ecbfebe645ab3b7740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 7212
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-11-28_2021-11-28t192442z_888178052_up1ehbs1hx53w_rtrmadp_3_soccer-spain-ccf-atm-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4550
last-modified: Fri, 10 Dec 2021 19:32:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9fzCUZclcN%2B4bgiWj%2FDr2Le4c78UXxkLfv5YHSvU1LmGC6yWJ7lfkXZJ8njlgiPwBQg%2FUrI%2FaG3WDdNUSf6jF1mol1umoNk6IPbkTnfh8QqA1zLcO%2BPc2NAjhzH8dZE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf882bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 38ms
34ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-04%2f2021-12-04-09621500_epa.jpg&z=7&c=64|0|709|532&h=679

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

11ff8f0927856eb647b3d9a8984d49354e4fe12c28e001fa3bd58212003644f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 81913
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-04_2021-12-04-09621500_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2043
last-modified: Thu, 09 Dec 2021 22:47:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7QcDxrs%2BkrnJdsQrDQuMwxgYQkvHUS446ymmlugwMsERxH0lkgV7dhyDapRe0sCjBWXUwt3rKR5cvfJNc9LGXN9twswLk8yKZYDfyCMc0xjNmhvhy%2FP2o3uP4mvjTY%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf122bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 1 KB
2 KB 59ms
55ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=rekeb%2fno+comment+riqui+09-12-21_thumb.jpg&z=7&c=164|11|937|706&h=9884

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

547e685a67e7ba0141eb68e037b5d6554e9263103c183448737de90e2a3cbda3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 46470
x-powered-by: ASP.NET
content-disposition: filename="rekeb_no comment riqui 09-12-21_thumb.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1387
last-modified: Fri, 10 Dec 2021 08:38:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BEQNQ2R%2ByZSQe0Zj2pRxhs4fzqBKLBEtwcNNXdYsCz2mwqKT%2FsC43NVGC4k62nO7enXSdvzl8vccQJKKd05oSu16vtd9UO2Lg3cAdC%2BvEy2SGJ4NG2UI60chLdtHs8E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf152bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 50ms
46ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=reuters%2f2021-09-14%2f2021-09-14t194008z_678933760_up1eh9e1imubj_rtrmadp_3_soccer-champions-fcb-bay-report_reuters.jpg&z=7&c=45|0|752|565&h=9299

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ae9a441b0dc78249de9f233b561d44b8887bdb4dc97631e3cc64ed12272844d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 38375
x-powered-by: ASP.NET
content-disposition: filename="reuters_2021-09-14_2021-09-14t194008z_678933760_up1eh9e1imubj_rtrmadp_3_soccer-champions-fcb-bay-report_reuters.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1855
last-modified: Fri, 10 Dec 2021 10:52:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pBja5On%2BTiuuZjhsNLrIT0Il6XppMRJjzXlo4AwDnMBFWIuarxfdZKrZMtd5OmYq5oTP%2BckINn%2F8vOrP2dFyozhOIrCJ1WMu2%2BB1V%2Bh7V4MRgBqOLeAfdfDq4ikAyH0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf182bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
2 KB 46ms
41ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=eldeeb1%2f00002%2f0030303%2f852%2f124-183544-africa-cup-of-nations-3-to-24teams_700x400.jpg&z=7&c=54|0|531|399&h=6996

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3e2386b9b4219a296eeb86a5cc9b38686b5297e0eaedc002f43bf15cca47c389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 77268
x-powered-by: ASP.NET
content-disposition: filename="eldeeb1_00002_0030303_852_124-183544-africa-cup-of-nations-3-to-24teams_700x400.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1602
last-modified: Fri, 10 Dec 2021 00:04:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PBz5KQnuZNx5iL1OZf4gKGpyELo5TUd8dYjB0nUiqXySf0BeVVuPVA4i81nyWhaCLvFTxSYvWvTYd%2Fbxm2A7dRD%2BWGk0%2B4jAYL7rcn8DBlYD%2Bs35LDpbpe9zfP%2BVk46"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf1b2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 47ms
43ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-08%2f2021-12-08-09630609_epa.jpg&z=7&c=0|0|709|532&h=1103

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5acae25fbb6e948494ec637e76f30a75944d71d84f218211e9132cc1db56282a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 77268
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-08_2021-12-08-09630609_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2002
last-modified: Fri, 10 Dec 2021 00:04:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZIj1VwUAFLfbIaND6ZmRQdhCZcKELnQ2PRPuwCs%2BCAaw93DgeKthypzImVR4h1896tKPrdUIUB0NRA%2Fuq2Ox1tAEEo4ukyoBXQhBTXw0e6migDgi7VEQn%2BEartwKFkl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf1d2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
2 KB 48ms
44ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=epa%2fsoccer%2f2021-12%2f2021-12-01%2f2021-12-01-09615361_epa.jpg&z=7&c=0|0|783|587&h=8414

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf16a55522058188dadd392a0905adfef8245106b7fce43132af9690aff1b65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 13925
x-powered-by: ASP.NET
content-disposition: filename="epa_soccer_2021-12_2021-12-01_2021-12-01-09615361_epa.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1711
last-modified: Fri, 10 Dec 2021 17:40:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkpzDaZu6bbWzBjNGauU%2FoVWh9z6en%2Fe1bM9D7DTbWBCFxzBaJ%2FeHUqk0lSxKM3kKjcslSnsxQgQpKyWvhdCGmVdOk5%2FZ0KUTO%2B4UtRBD1t9Z0axA3t2%2BETvc%2BEq4Jv4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf202bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 37ms
33ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=m.m%2fmohammad+mutawe.jpg&z=120|90&c=0|37|564|423&h=9389

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6a1c1e2aa52fd281652a8487009d77c025eba254a54e6b7e46dae74be22eeac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 52663
x-powered-by: ASP.NET
content-disposition: filename="m.m_mohammad mutawe.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2611
last-modified: Fri, 10 Dec 2021 06:54:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnYWH3PP4ywQVTdwM2ak8xPmMCdBtpTdBxMwmT4HXXhEl6ZLFFWOfFhFG5A048GyWieaEyghcVpzK2pJRW2wZTY1JvNPotizzUTSfuDGBJS20uGdVL1bUrrB8Fx%2FkfFg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf272bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 2 KB
3 KB 48ms
44ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=zaki%2f2021-10%2f43.jpg&z=120|90&c=0|19|280|210&h=3663

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

826e453d4035015db88f9ce9989ffc86b9d31a68c2001fc7a0c16623dd2e9573

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 52981
x-powered-by: ASP.NET
content-disposition: filename="zaki_2021-10_43.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2317
last-modified: Fri, 10 Dec 2021 06:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQboas2XVRG4OXOJ0ochkcpd74CdGJ0woyNeoBswiOy56yr2u2t5BLiX1UV1jw2TAMmPXRa7KT5biwOWoWqGYmIcdfkqnKo1t2KH8NDFy%2BWkezt1E8t%2B6LsOM%2FLPYZ7x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf2a2bb9-FRA
cf-bgj: h2pri

GET
H3 200 /
img.kooora.com/ 3 KB
3 KB 49ms
44ms Image
image/jpeg 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kooora.com/?i=asiaaa%2fscreenshot_101.jpg&z=120|90&c=0|0|278|208&h=2514

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e05fa24cbfd2c2cb678c04f95358e36c93abf672dbd2d0a346a604eb0310e19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 5381006
x-powered-by: ASP.NET
content-disposition: filename="asiaaa_screenshot_101.jpg-c0-0-278-208-s120-90"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2613
last-modified: Sat, 09 Oct 2021 14:49:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDIWGM6cAxovsOa72Grpu%2BcxmGx70R7pTYG6AegUsNi6bPGmpMhQkvURYnm6%2BwuET18%2BSsHbHRuoi3VvBJEblklzlNZwz0Ngzw3bjDHTHn23hWAEEXBOyQZStDdKrD62"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 10 Dec 2022 21:32:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf2d2bb9-FRA
cf-bgj: h2pri

GET
H3 200 default.aspx Show response
m.kooora.com/ 230 B
865 B 57ms
56ms XHR
text/html 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/default.aspx?jsoninfo=compstatus

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d21ca89aa77c6d673f2f2ff7bd075f4c95ac8d6d34dd368739fa87956904d588

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	Deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 9
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Dec 2021 21:32:21 GMT
server: cloudflare
x-frame-options: Deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgemFBuWfKGn9%2BL03dizDgnzNi1ktqAw8NrIzkoHbJ%2FjjIO6kCfeb1GOmnisXhtETrZ05JlNq8nR4%2BYCI556Ho7e4Ugns3m53xN6JbFpubSNVE%2F9BBHSaQdybbILPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6bb9962cbf8c2bb9-FRA
expires: Thu, 10 Dec 2020 21:32:21 GMT

GET
H3 200 eu.png
o.kooora.com/f/ 379 B
1015 B 57ms
56ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/eu.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411fcbcc2226f768fece00eee0f2f68813fccec19b77a21e6c257d747a430e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 379
last-modified: Thu, 24 Apr 2014 14:09:27 GMT
server: cloudflare
etag: "f5d2c8cdc65fcf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRytuYofyzMQqsYoZgw6EH0CyaGkPiplNaxaiQ9czx7unI9FT7DQBi3MmElCRB%2F4E4CAiwVJLJe6gwia7cH%2FuxmC%2FA%2FKEVdokhHjfnfow2d0%2F0WNRXEYrcViYHbxFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf8e2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 nl.png
o.kooora.com/f/ 118 B
753 B 57ms
56ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/nl.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18396ba08d5e73bfcb155d503f9792d65377dd9233b43858d3d57099396259b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 118
last-modified: Tue, 27 May 2014 17:10:52 GMT
server: cloudflare
etag: "ab587e9dce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld2jeMUK1uEOW0jI1tVPOVumPQynSLlkqlqZPf1uArfuZjtcTUYzI2wIsocHCKDi2NNZfebEq35cs%2BNX%2FpV2BqyF%2FiewrEI48oisXEV2RJxUGSH4%2BIwd1yXp%2Fe0q5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf902bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H3 200 pt.png
o.kooora.com/f/ 517 B
1 KB 57ms
56ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/f/pt.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a86adfc2d049ba63e1a2779a368902ff1861d59f80f9381637e1e56fec3f1e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194465
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 517
last-modified: Tue, 27 May 2014 17:10:36 GMT
server: cloudflare
etag: "b3d88793ce79cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQuKydwBUp6MDmJjGpGApCU8hVx%2FpPQFoTbK6mNS5fzzmryHupemzJwSyNXKYd1hMTtHqOaSXO%2B109ZZS%2FHj0BJn%2B6YirbCH3%2BOtmxomyZvkJ4H4CG0niY1RSDBNcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cbf942bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H2 200 Catfish.json Show response
ktv.kooora.ws/ 771 B
204 B 67ms
39ms XHR
application/json 2606:4700::6812:16fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/Catfish.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c0fddf8db37a360dfa9dbc4d50f6e733318b408354eabfa5000a9c84dcbbe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Oct 2021 06:18:41 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 277
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6bb9962d0f34d6e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 dlive.json Show response
ktv.kooora.ws/ 2 B
379 B 51ms
27ms XHR
application/json 2606:4700::6812:16fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/dlive.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 May 2021 20:50:12 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 214
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6bb9962d0f37d6e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 xgemius.js Show response
gaae.hit.gemius.pl/ 40 KB
11 KB 165ms
46ms Script
application/x-javascript 188.68.250.238
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/xgemius.js
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.238 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h238.sprintdatacenter.net
Software: GHC /
Resource Hash: b097f8e4d32d148b9b3e42e3ac568b4edde95cb3de99f44346f51469d618979a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 13:46:08 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Sat, 11 Dec 2021 09:32:34 GMT

GET
H3 200 / Show response
m.kooora.com/ 1 KB
1 KB 103ms
103ms XHR
text/html 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/?lnews=de

Requested by

Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

868f295c498e0072674cee17a091a53c4b34bd3dde1e01e8199a5b172bc49ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	Deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Dec 2021 21:32:19 GMT
server: cloudflare
x-frame-options: Deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ycXmGON1uuaPRR82SUmm%2ByY2WYT0ukdMF17cJ%2FNlxDJLgnhPiQG49q3rAv3GG5rG2cJ8E06yFRtLGSBMP8WxUp1upNuBhdMlrwLm0jZ1TyvVmSy%2BCIFFrTkbhw6Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=windows-1256
cache-control: private
cf-ray: 6bb9962cefab2bb9-FRA
expires: Thu, 10 Dec 2020 21:32:34 GMT

GET
H2 200 getrssarticlesAPI Show response
striveme.com/api/ 15 KB
3 KB 103ms
73ms XHR
application/json 2606:4700:20::ac43:4901
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://striveme.com/api/getrssarticlesAPI
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.30
Resource Hash: 09d6d37f17cc1587c2955d80f3c6fe66d4f2c786cd6f3a73f70955fdf73d127c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods
content-type: application/json;charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFAh1AGFApplp76ClqKNPxHPemZF8%2B4NQ7FNPoqsKR7%2Bg2Ir1vWr3WbhK4YD8IJxE2yjiZIEFD%2Bhr5hRmvQ6Pd18FQ6To2nAdXN6SKTHMuABxqG6LyRbyB0yxrcU5RETWv3WuPTF%2Bl0ShA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
cf-ray: 6bb9962d1aae4309-FRA
access-control-allow-headers: ,

GET
H3 200 Ad_24_9_20_320x50.gif
o.kooora.com/banners/ 9 KB
10 KB 51ms
51ms Image
image/gif 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/banners/Ad_24_9_20_320x50.gif

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a90780df9a27b81c47ca2d3d8e87af6099b16997d01601ecaa2a92a7c44dc342

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194485
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9163
last-modified: Sun, 12 Sep 2021 07:25:58 GMT
server: cloudflare
etag: "0c7246ea7a7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YelVQ0Tt%2BKr1Z%2BhT9tEwRfPAD%2BrMA9oVMBihOasw%2FjJZbNMApA75QSFAObcMu%2FRgfB1g3vamXXWKduleQ9ZuUt0ee8wng0Bylq90W0QlChhbbFeC9Vqht8B4qYsvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962cefac2bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

GET
H2 200 lwt.json Show response
ktv.kooora.ws/ 24 KB
3 KB 56ms
35ms XHR
application/json 2606:4700::6812:16fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/lwt.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f7dd8f67badcc144df008dfc621f0ead7d36272df3069b7693ce93d6409e236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 21:21:12 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 277
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=178
cf-ray: 6bb9962d0f38d6e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 kooora_com.js Show response
static.cognativex.com/config/ 209 B
710 B 39ms
17ms Script
text/javascript 2606:4700:20::ac43:4487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognativex.com/config/kooora_com.js?v=2021-12-10
Requested by: Host: kooora.cognativex.com
URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-12-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 015f2154b4f8add8ddf1909d69d1ef40b5dcd400f6a84311f561fdfa7ef63c84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=+YOpGA==, md5=mjwGHzw2a1A6ZKyWFqTX6g==
date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3175
cf-polished: origSize=213
x-guploader-uploadid: ADPycdu2lef5bEcEVEXGmmZGWhc-JggcE-5t4mawE3vPbaY1Fnv74eVurK0v3aFbrYWRgddNuobDtcbJ1I6CQZZPVw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Thu, 09 Dec 2021 13:51:33 GMT
server: cloudflare
etag: W/"9a3c061f3c366b503a64ac9616a4d7ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OBUHrZmytSXCLk8pnaFNkgeZ%2ByCHdJ3pi9swzhP7zLfkBPzLwDNzEJQNL%2FC4bTlAw0M0IFaEzgXo1RLChqPs52GwJbouKRpgplAy9No8RICksFnSdHcz%2Bibvn555cltw9mB8NT1uCp7UF89QiLb3VwewQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639057893398963
access-control-allow-origin: *
expires: Sat, 11 Dec 2021 20:39:39 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 213
cf-ray: 6bb9962d395fd6d9-FRA
cf-bgj: minify

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 31ms
16ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T24P46T&cid=225748511.1639171955

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

537d56f063d42e0085dc1c65dbaade0f3a5aa6ddca9ad63737f3920989777878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34968
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 21:32:34 GMT

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1639171954772_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1639171954772_1

143 B
741 B

32ms
31ms

Script
text/javascript

54.229.158.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1639171954772_1

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

HTTP/1.1

Server

54.229.158.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-158-181.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

813369da4a38e4fd0b8c5f4a50134f5bbfa467145f8635213c639f26c8ddd16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 135
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:34 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1639171954772_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ar_AR/ 281 KB
79 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js?hash=0f464de38581a76d4f17ee736f22ff52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74254351bbbffcee8dbcbe8d9d0cd785aa39f1df7619ac6d1383b51ff0fd54aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.kooora.com/
Origin: https://m.kooora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Is8IKCohj/d2bjslBkyxlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 10 Dec 2022 18:36:22 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 81311
x-fb-rlafr: 0
x-fb-debug: CptYr7lRrs0sXKgvVnOTGPURfz1MmsGV1FyyOLa+dAOHb7V3jUyFouz0WkmAwrmck2+PO3d/XPG4t1e3wTeZjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ff2bd3353e36b6a6a1e57d1106caff2c
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 21:32:34 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f7ea0e7928b6a0ef1d790fa8b1e72baf"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 1506063979515344 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1506063979515344?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc040d616a89acc59a2ec1ff5b60ecb02891ad55a71e57ecd4e9e2b14d7c040b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89314
x-xss-protection: 0
pragma: public
x-fb-debug: /ZxcKKbLaKWd2krKlDWP+LI4cF5A4jNbEphF8V99zeaIMh5+dzhDOfCA2or4idxc0XdKFclocgH9ggz+JSK+Pw==
x-frame-options: DENY
date: Fri, 10 Dec 2021 21:32:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 vod_data.json Show response
ktv.kooora.ws/ 575 B
740 B 52ms
38ms XHR
application/json 2606:4700::6812:16fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktv.kooora.ws/vod_data.json
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/mo.js?rev=1389&ch=4972
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:16fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f8cec87c995b98cccf83861331c956248461cd133f529629ee685c06dd82cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 19:55:36 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
age: 223
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=56
cf-ray: 6bb9962dacce4321-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js Show response
cdn.permutive.com/ 2 MB
337 KB 76ms
52ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2fcaef47a7dbca0213d95282596f1eb8ba19e282b2d0ec7b34fbf8e3a518fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f3a06674-ebb9-4b9d-ba8f-0052018c0687
age: 1205
x-guploader-uploadid: ADPycds3IgIwgtJAtBr-QzhdKxNq_Htiugo_RC1a2eRq-Omr1ujjikscbSYzrMe-FPF2JKu3vprJGuvE3AU7TIXn-Ew
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Wed, 08 Dec 2021 10:37:17 GMT
server: cloudflare
etag: W/"36701d4de81930ecacbfd67d0677b577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=eeb7pA==, md5=NnAdTegZMOysv9Z9Bne1dw==
x-goog-generation: 1638959837106554
cache-control: public, max-age=900
x-goog-stored-content-length: 371509
cf-ray: 6bb9962dfe93701b-FRA
expires: Fri, 10 Dec 2021 21:47:34 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 75 KB
28 KB 39ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13df9d9a6608597b2be359fc363846eea838ad93d8f91ade2856bf415760b338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27779
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 17:49:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Fri, 10 Dec 2021 21:46:03 GMT

GET
H2 200 %D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D9%84%D8%A7%D9%86%D8%AF%D8%B1%D9%88%D9%81%D8%B1-%D8%AF%D9%8A%D8%B3%D9%83%D9%88%D9%81%D8%B1%D9%8A-%D8%B3%D8%A8%D9%88%D8%B1%D8%AA-2021.webp
striveme.com/img/article/22283/ 136 KB
137 KB 37ms
19ms Image
image/webp 2606:4700:20::ac43:4901
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://striveme.com/img/article/22283/%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D9%84%D8%A7%D9%86%D8%AF%D8%B1%D9%88%D9%81%D8%B1-%D8%AF%D9%8A%D8%B3%D9%83%D9%88%D9%81%D8%B1%D9%8A-%D8%B3%D8%A8%D9%88%D8%B1%D8%AA-2021.webp
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d208b79509407b4229335c39b03f762ce45aff43b68cefee0344b706f65a04f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Dec 2021 11:08:27 GMT
server: cloudflare
age: 1318
etag: "61b3352b-22191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05mby4JFTZAjeaRkARuc5kwr0iwvQvjp5gpHuIniPf56VSgEX6D5nG6pydcgtOfyt2K%2BFqgNIDzOvRneCnflbcuu6vITUGmYte3wBCzWgD5CejCu4amgAKmOjAoRda6uzOduaHGLc9E%2BIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bb9962e08d15b44-FRA
content-length: 139665

GET
H3 200 StriveME-Logo-S.png
o.kooora.com/ 4 KB
4 KB 21ms
21ms Image
image/png 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.kooora.com/StriveME-Logo-S.png

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b8d41caf72b504b1613e841aec9f50f639afc7b6afd44e454dab0b74399ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2194483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3826
last-modified: Sun, 12 Sep 2021 07:17:32 GMT
server: cloudflare
etag: "04e8b40a6a7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGRve3dL6E7y7dy1YyTC414X1M5Csgy310jx743lbsRYEqVJmcK7Yzf2VsA2Y%2FwsQs26RF2XKOCcMtepeFFRgAw1u1Mk0ASue0Am3%2B763%2By42NuUQrj5s%2Fv1sdsW0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb9962de9402bb9-FRA
expires: Sat, 10 Dec 2022 21:32:34 GMT

POST
H3 204 result Show response
m.kooora.com/cdn-cgi/bm/cv/ 0
756 B 11ms
11ms XHR
text/plain 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/cdn-cgi/bm/cv/result?req_id=6bb9962a5d055b62

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/cdn-cgi/bm/cv/669835187/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://m.kooora.com/default.aspx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olUlxlYwPra2omHfALPWdljYQ0b4KdPofVWu9kC%2FuTfHHtVHZuelSHqb2gA2SgJmR9TEHWz5Bra7nzFu78IGtFbWhKmnTRkb5AOcB7qjLajjpqhN6RtmPPy7JAZBcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6bb9962e097f2bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 thumb_1639151407.jpg
ktv.kooora.ws/images/167/ 35 KB
35 KB 37ms
25ms Image
image/jpeg 2606:4700::6812:16fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktv.kooora.ws/images/167/thumb_1639151407.jpg
Requested by: Host: o.kooora.com
URL: https://o.kooora.com/jquery-3.5.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:16fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f454ff8f488843de39c46cc878b0df9eff6d61090c62e43b1d09aef0e48c8c8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
cf-cache-status: HIT
age: 280
cf-polished: origSize=36994, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35557
last-modified: Fri, 10 Dec 2021 19:55:36 GMT
server: cloudflare
etag: "5b3a14e6ffedd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 6bb9962e2b3f7021-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cx_script_v20.0.12.js Show response
static.cognativex.com/scripts/ 144 KB
49 KB 28ms
27ms Script
text/javascript 2606:4700:20::ac43:4487
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognativex.com/scripts/cx_script_v20.0.12.js
Requested by: Host: kooora.cognativex.com
URL: https://kooora.cognativex.com/cognativex/cn.js?v=2021-12-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4487 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5795d648e5c8930d4a1caa635d9db2bdfb502b73347c355aadefe11602f8f6d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=SxBLlg==, md5=IOapR2bgWScj2a5wVTZQlA==
date: Fri, 10 Dec 2021 21:32:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113767
x-guploader-uploadid: ADPycdvgFZjYbn9WFcZDPQRdrC6ZqLYWo5CF5nUibmdk334E2GuZl49Qd3JRUsARhfQMmwpWa71ed0d3ydYDLwGCl_oi15ATOQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
last-modified: Thu, 09 Dec 2021 13:49:33 GMT
server: cloudflare
etag: W/"20e6a94766e0592723d9ae7055365094"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ay1thstXTo2i1MMgXlH5oVoaDaBlegk84sn2%2BsI%2B8AHjsTdPH%2BRklPu7FEKpxKEx%2FCDRsqAMRJaWFFL1vKqkeHXsne04zQlhvqQquJABl5wCQ9AzkMnjDBxtDEKqK8fBa6cSjM6xO9IbQiYaDNXczKoHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-generation: 1639057773114919
expires: Sat, 08 Jan 2022 13:56:27 GMT
cache-control: public, max-age=2592000
x-goog-stored-content-length: 48061
cf-ray: 6bb9962e1a83d6d9-FRA
cf-bgj: minify

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 27ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1506063979515344&ev=PageView&dl=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&rl=&if=false&ts=1639171954908&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639171954907.1348389583&it=1639171954783&coo=false&exp=p1&rqm=GET

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 10 Dec 2021 21:32:34 GMT

GET
H2 200 fpdata.js Show response
gaae.hit.gemius.pl/ 279 B
393 B 45ms
45ms Script
application/x-javascript 188.68.250.238
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/fpdata.js?href=m.kooora.com
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.238 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h238.sprintdatacenter.net
Software: GHC /
Resource Hash: b7d4ce51581ac5510239e857ad0fb63dcbe0f674d2d64fde2e0ec6c45ed7d8a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Sun, 09 Jan 2022 21:32:34 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3B4C 5 KB
3 KB 87ms
26ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: f3573b2e94941769c1a150bd10c4997268c3a9011f5f0a07e9c840dd5d5257cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
expires: Sun, 09 Jan 2022 21:32:34 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2716
content-encoding: gzip

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 49ms
16ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3167577-2&cid=225748511.1639171955&jid=886874887&gjid=772854557&_gid=2083437344.1639171955&_u=aGBAiEADRAAAAE~&z=510679561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 21:32:34 GMT
content-type: text/plain
access-control-allow-origin: https://m.kooora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1654604327&t=pageview&_s=1&dl=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&dp=%2F&ul=en-us&de=windows-1256&dt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEADR~&jid=886874887&gjid=772854557&cid=225748511.1639171955&tid=UA-3167577-2&_gid=2083437344.1639171955&cd8=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&cd16=Homepage&z=2132645836

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 11:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37358
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=562459823911593&ev=fb_page_view&dl=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&rl=&if=false&ts=1639171954940&sw=1600&sh=1200&at=

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 10 Dec 2021 21:32:34 GMT

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 47ms
8ms XHR
application/json 2600:9000:206f:7e00:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1639
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7e00:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 02:30:50 GMT
Via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 154905
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 19
X-Amz-Cf-Id: NufHfbfL0TKrq8TjryZs-DPwmklSCOaaM5t7BixHFVKPWkMTHvNaNQ==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 76 B
418 B 121ms
30ms XHR
application/json 54.229.158.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&vt=ad787200-ba79-4f9d-8d99-a9bd1a0c0b67-17da6431907-e68020be
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1639
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.158.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-158-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: a9e9ce0f2fe232bf31c9f446a35568c225e8027eee116261a16fdc33170641cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:35 GMT
Content-Encoding: gzip
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 87
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 32ms
32ms Image
image/gif 54.229.158.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t1&vn=e2be7c7&tz=0&pu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&vt=ad787200-ba79-4f9d-8d99-a9bd1a0c0b67-17da6431907-e68020be&vi=6ee1ef02-9217-4bf2-9c82-e0890493000b-17da6431920-4dbcf0da&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&te=205&sh=1200&sw=1600
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.158.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-158-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:34 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 55ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3167577-2&cid=225748511.1639171955&jid=886874887&_u=aGBAiEADRAAAAE~&z=55569766

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
31ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3167577-2&cid=225748511.1639171955&jid=886874887&_u=aGBAiEADRAAAAE~&z=55569766

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pxid Show response
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/ 46 B
453 B 42ms
19ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/pxid?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e88521502d9cfe219a16acebc1a3fda2eca6544b7337901e6a22aeaabf3150c6

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
688 B 51ms
18ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:35 GMT
X-Proxy-Origin: 168.119.25.193; 168.119.25.193; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d6d42e3a-268f-4daa-9f3d-50eceea42345
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://m.kooora.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin Show response
cdn.permutive.com/models/v2/ 148 KB
103 KB 37ms
19ms XHR
application/x-binary 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed535518527eb0e95f88a5506ff3a2f0d6202ae5805f2e4b91a659a793413bf0

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: f3a06674-ebb9-4b9d-ba8f-0052018c0687
age: 1191
x-guploader-uploadid: ADPycduC5cfjZBdbv2vQmh8OeHwBkW9Rra2i-ftePJZK9HG8eKFFhPEdvtNgUdeHmoJnLRbH_mJqbdd4Skv4vVzGKLqGLqTHXQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 104543
last-modified: Fri, 10 Dec 2021 06:02:08 GMT
server: cloudflare
etag: "650398539ca630eaebb7eab950d7cbd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=/nEkpA==, md5=ZQOYU5ymMOrrt+q5UNfL1Q==
x-goog-generation: 1639116128613040
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 104543
accept-ranges: bytes
cf-ray: 6bb9962f4e3f2b35-FRA
expires: Fri, 10 Dec 2021 21:12:44 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 265 B
423 B 40ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b134f0aac23e8a216bea83b21173b25934c61d4dca922ad561b5bb5d63e358ce

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 170
via: 1.1 google

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 337 B
308 B 40ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 1683735a30551a92a925fdc9617d9fb943eb9d7946a6ea6a82f46d36aa1372dd

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 233
via: 1.1 google

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
653 B 33ms
32ms Script
text/javascript 54.229.158.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1639171954772_2

Requested by

Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1639

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.158.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-158-181.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

7c32d05406ef1ca566680dbb93749fca5f208d9ac6259f13d887490c6d5b2277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 97
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 102ms
101ms XHR
application/json 52.1.153.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1639
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.153.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-153-66.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 21:32:35 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 330ms
102ms Preflight 52.1.153.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.153.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-153-66.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://m.kooora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

GET
BLOB 200
OK 249c9816-bf2a-45ec-839f-46ccc8f6c9c3
https://m.kooora.com/ 2 MB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://m.kooora.com/249c9816-bf2a-45ec-839f-46ccc8f6c9c3
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdcc02027cf7170a9149086ba1f401cd7ec5582383891bb3d021c31c3769b7a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 2059650

GET
BLOB 200
OK 5ccf9b01-2f96-4396-8fb0-a87e0e9451af
https://m.kooora.com/ 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://m.kooora.com/5ccf9b01-2f96-4396-8fb0-a87e0e9451af
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7cd54a0769592ecfc8cb8b587968ba6d9492df16965c0d2a2972df88f6741c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 22499

GET
H/1.1

200
OK

google_gid
collector.effectivemeasure.net/sync_webhook/ddp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm
https://cm.g.doubleclick.net/pixel?client=ddp-dms&google_nid=emi_ddp&google_cm=&google_tc=
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEJDTw9M5Oz97XMPUmbW2tcY&google_cver=1

35 B
288 B

32ms
32ms

Image
image/gif

54.229.158.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEJDTw9M5Oz97XMPUmbW2tcY&google_cver=1
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: HTTP/1.1
Server: 54.229.158.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-158-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:35 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?client=ddp-dms&google_gid=CAESEJDTw9M5Oz97XMPUmbW2tcY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
552 B 33ms
33ms Script
text/javascript 54.229.158.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221639171955118%22%7D&callback=cb1639171954772_3

Requested by

Host: t1.effectivemeasure.net
URL: https://t1.effectivemeasure.net/tag.js?1639

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.158.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-158-181.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

c4a7c200ea7f982f63b0dc34f9de8210887e702701279c1bb27c7f1ced930fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 96
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
324 B 43ms
28ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: eb6823022ab5173c6429958e22aa359f383b50a2b08eaf1722c45468534870fc

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

GET
H2

200

rexdot.js Show response
gaae.hit.gemius.pl/__/_1639171955163/
Redirect Chain

https://gaae.hit.gemius.pl/_1639171955163/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.kooora.co...
https://gaae.hit.gemius.pl/__/_1639171955163/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.kooora...

800 B
1 KB

128ms
128ms

Script
application/x-javascript

188.68.250.238
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/__/_1639171955163/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&fpdata=sNLK9jTETJm26wAioIq.l4a_xdPm4EeN1miWH8tZ2pP.l7&vis=1&fpcap=
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Server: 188.68.250.238 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h238.sprintdatacenter.net
Software: GHC /
Resource Hash: 8a134947aa208d1b617de8ed49acd89ec1f9d648668827b0d8f7406310279def

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 800
expires: Thu, 09 Dec 2021 21:32:35 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1639171955163/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&fpdata=sNLK9jTETJm26wAioIq.l4a_xdPm4EeN1miWH8tZ2pP.l7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 09 Dec 2021 21:32:35 GMT

POST
H2 200 tpd Show response
api.permutive.com/v2.0/ 2 B
90 B 19ms
19ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 22
via: 1.1 google

GET
H/1.1 200
OK ca1ca27a-0f57-4b8b-8b28-07efcfdb0180
collector.effectivemeasure.net/sync_webhook/permutive/ 35 B
288 B 32ms
32ms Image
image/gif 54.229.158.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/permutive/ca1ca27a-0f57-4b8b-8b28-07efcfdb0180
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.158.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-158-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:35 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
78 B 22ms
22ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 21:32:35 GMT
via: 1.1 google
server: Permutive
alt-svc: clear
content-length: 14
content-type: application/json

GET
H2

201

sync
api.permutive.com/v2.0/px/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180
https://match.adsrvr.org/track/cmb/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180
https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180&alias=110c7e2e-17ef-40d8-90fc-ea169ae75ac5&type=tradedesk

35 B
107 B

15ms
15ms

Image
image/gif

34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180&alias=110c7e2e-17ef-40d8-90fc-ea169ae75ac5&type=tradedesk
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
via: 1.1 google
server: Permutive
alt-svc: clear
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,ca1ca27a-0f57-4b8b-8b28-07efcfdb0180&alias=110c7e2e-17ef-40d8-90fc-ea169ae75ac5&type=tradedesk
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 377

GET
H2 200 xgde.js Show response
gaae.hit.gemius.pl/gdejs/ 54 KB
19 KB 45ms
45ms Script
application/x-javascript 188.68.250.238
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/_1639171955163/rexdot.js?l=100&id=B7aV7_LI0WOGOni4MTE2iqP8P6IisHru__WXN5YFvF..Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&fpdata=sNLK9jTETJm26wAioIq.l4a_xdPm4EeN1miWH8tZ2pP.l7&vis=1&fpcap=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.238 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h238.sprintdatacenter.net
Software: GHC /
Resource Hash: 013a122c7839f7d75e116bc0dc041b77af02f1f75d6eb299cb47c1155dde8565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 06:10:32 GMT
server: GHC
etag: "616678580000D869528FC5A6"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19293
expires: Sat, 11 Dec 2021 21:32:35 GMT

GET
H2 200 xgde.html Show response
gaae.hit.gemius.pl/gdejs/ Frame C9C8 303 B
314 B 46ms
45ms Document
text/html 188.68.250.238
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.238 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h238.sprintdatacenter.net
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
expires: Sat, 11 Dec 2021 21:32:35 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1506063979515344&ev=Microdata&dl=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&rl=&if=false&ts=1639171955437&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fo.kooora.com%2Fi%2FkSquareLogo.jpg%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Atitle%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%2C%22og%3Adescription%22%3A%22%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%20%D8%AD%D9%8A%D8%A9%20%D9%88%D8%AC%D8%AF%D8%A7%D9%88%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%88%D8%A2%D8%AE%D8%B1%20%D8%A7%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639171954907.1348389583&it=1639171954783&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 10 Dec 2021 21:32:35 GMT

GET
H2 200 xgde.js Show response
gaae.hit.gemius.pl/gdejs/ Frame C9C8 54 KB
19 KB 46ms
45ms Script
application/x-javascript 188.68.250.238
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://gaae.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gaae.hit.gemius.pl
URL: https://gaae.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.238 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h238.sprintdatacenter.net
Software: GHC /
Resource Hash: 013a122c7839f7d75e116bc0dc041b77af02f1f75d6eb299cb47c1155dde8565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gaae.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 06:10:32 GMT
server: GHC
etag: "616678580000D869528FC5A6"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19293
expires: Sat, 11 Dec 2021 21:32:35 GMT

GET
H2

200

redot.gif
gaae.hit.gemius.pl/_[TIMESTAMP]/ Frame C9C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ipsos_gemius_ddp&google_cm&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/
https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c...

43 B
229 B

45ms
45ms

Image
image/gif

188.68.250.238
SPRINT-SDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&google_gid=CAESEAplO455eSgsE4PlpCGSW0o&google_cver=1
Protocol: H2
Server: 188.68.250.238 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h238.sprintdatacenter.net
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gaae.hit.gemius.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Thu, 09 Dec 2021 21:32:35 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://gaae.hit.gemius.pl/_[TIMESTAMP]/redot.gif?id=AotKgS7az4SecFV2udEddoaA.hfpGC9G2vmd8RXNICz.H7/&lsdata=EVoa5vcinHBzbhPoBw0kwt9MXJPkRuRfi9aVGw9xUCn.27SRW5m7aGmulERA0fDKjYI1cHDwXr7p83IvX94bgoJ6c_En/qoBab7ucufkwF/&google_gid=CAESEAplO455eSgsE4PlpCGSW0o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 477
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rum Show response
m.kooora.com/cdn-cgi/ 0
164 B 11ms
9ms XHR
text/plain 104.18.8.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.kooora.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.kooora.com/default.aspx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

date: Fri, 10 Dec 2021 21:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://m.kooora.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6bb996333ab02bb9-FRA
vary: Origin

GET
H2 200 tagger.js Show response
tagger.opecloud.com/dms/v2/ 959 B
852 B 34ms
9ms Script
text/javascript 3.64.158.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/dms/v2/tagger.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W46V3QD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.158.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bc9399a1d9cf60902f99fc281b1f891001e088e5da2a9eabd80b989a693f0bd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
cache-control: private, max-age=3600
p3p: CP="ADMa OUR IND DSP NON COR"
content-length: 504
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 63 KB
17 KB 39ms
7ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cad23c63c500d428b4a3c0f9d23109d1021f7218867f313802ffbc2cb0104275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:39:47 GMT
server: AkamaiNetStorage
etag: "b490ed21c910e166f41fde4dd61d6e36:1639071587.435313"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16724
expires: Sun, 12 Dec 2021 21:32:36 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 41ms
10ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/5406/ 348 KB
7 KB 42ms
11ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/snthemes.js
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ca724b62c978e49a2f0a167baa85bc0aaa04429b1ca9d188b669699c8c65ecf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 06:04:50 GMT
server: AkamaiNetStorage
etag: "453145557b3e522e31aa2a507f671db2:1639029890.833228"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6881
expires: Sun, 12 Dec 2021 21:32:36 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/5406/kooora/ 20 KB
2 KB 46ms
16ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/kooora/settings.js
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1eed70330e5c125cf9ab74ddd405b034c692ba6fc738082662bf0135ec4842b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 07:08:13 GMT
server: AkamaiNetStorage
etag: "e8af187f5c3e9a8febf87c34edb999e3:1638083293.288394"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1699
expires: Sun, 12 Dec 2021 21:32:36 GMT

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1
https://tagger.opecloud.com/dms/v2/custom-no-tagger?type=campaign&gender=m1&trackability-redirect=true
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-NUf7QDGjMzA9iBUKLPOyMc2mYmYf&source=dms
https://tagger.opecloud.com/dbm/opecs.gif?state=2-NUf7QDGjMzA9iBUKLPOyMc2mYmYf&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1

35 B
211 B

15ms
15ms

Image
image/gif

3.64.158.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-NUf7QDGjMzA9iBUKLPOyMc2mYmYf&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1
Protocol: H2
Server: 3.64.158.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-NUf7QDGjMzA9iBUKLPOyMc2mYmYf&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-htiadu1mVH9KSrRjnNk1y1hA2LSs&source=dms
https://tagger.opecloud.com/dbm/opecs.gif?state=2-htiadu1mVH9KSrRjnNk1y1hA2LSs&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1

35 B
211 B

15ms
15ms

Image
image/gif

3.64.158.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-htiadu1mVH9KSrRjnNk1y1hA2LSs&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1
Protocol: H2
Server: 3.64.158.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-htiadu1mVH9KSrRjnNk1y1hA2LSs&source=dms&google_gid=CAESEKhB-Id1rNV3yZM79vxAoF0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/5406/translations/ 60 KB
6 KB 7ms
7ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f24fa2d58180c44d78dc768b8cbecd0da264adf6bef9611b7c2b2cb93d12aee0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 06:04:49 GMT
server: AkamaiNetStorage
etag: "1a895cf72ee7f4f4eb88a22e322d9602:1639029889.884624"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6186
expires: Sun, 12 Dec 2021 21:32:36 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ 12 KB
4 KB 7ms
7ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 90e96b8ddeddfd57732f5a8da1654a24c24e10692703d3cbaa203ba9164b1c0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:39:47 GMT
server: AkamaiNetStorage
etag: "d3cae5c9f2de37800cf22ffd4777e27c:1639071587.932535"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3311
expires: Sun, 12 Dec 2021 21:32:36 GMT

GET
H2 204 2
l.evidon.com/site/v3/5406/14054/3/1/2/ 0
120 B 349ms
110ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/14054/3/1/2/2?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 19178
l.evidon.com/site/v3/5406/14054/3/1/2/2/ 0
120 B 344ms
111ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/14054/3/1/2/2/19178?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 19178
l.evidon.com/site/v3/5406/14054/3/4/2/2/ 0
121 B 337ms
110ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/14054/3/4/2/2/19178?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
135 B 34ms
34ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: eb6823022ab5173c6429958e22aa359f383b50a2b08eaf1722c45468534870fc

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

POST
H2 201 events Show response
api.permutive.com/v2.0/ 1 KB
915 B 17ms
17ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/events?enrich=true&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c108ad144449d35757fb7b4815facc7a3e88895bea6a4844d7051b1766be213f

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 843
via: 1.1 google

GET
H2 200 learn
ae-gmtdmp.mookie1.com/t/v2/ 43 B
608 B 55ms
16ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_969251&src.rand=%5Btimestamp%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:36 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 53ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.kooora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 152 KB
44 KB 407ms
406ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3415468924663519&correlator=2958628258803782&output=ldjh&impl=fifs&eid=44752540&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211210&iu_parts=7229%3A22367575525%2CKooora%2CHomepage%2Cwebinterstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C1x1%2C1x1%2C1x1%2C2x2%2C2x2&ists=20&fas=0%2C8%2C0%2C0%2C0%2C0&prev_scp=pos%3DLeaderboard%26adslot%3DLeaderboard%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3Dwebinterstitial%7Cadslot%3DSkinning%26pos%3Dinskin%2Cjustpremium%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cadslot%3DOOP%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3DN_W_Homepage%26MVPlacementKey%3Dtop%7Cpos%3DN_W_Homepage%26MVPlacementKey%3Dbottom&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26permutive%3D23620%252C29955%252C30033%252C30937%252C30940%252C31303%252C32849%252C32850%252C39078%252C59108%252C74931%252Crts%26puid%3Dca1ca27a-0f57-4b8b-8b28-07efcfdb0180%26ptime%3D1639171955070%26pt%3Dhomepage%26platform%3Dweb%26topic%3D%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A6%25D9%258A%25D8%25B3%25D9%258A%25D8%25A9%26country%3D__%26path%3Dmkoooracom%252Fdefaultaspx%26pathlv1%3Ddefaultaspx&cookie_enabled=1&bc=31&abxe=1&lmt=1639171956&dt=1639171956700&dlt=1639171954352&idt=376&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C-9%2C0%2C0%2C799%2C799&adys=1348%2C-9%2C0%2C0%2C1633%2C1988&adks=1849622489%2C1134439404%2C1073378467%2C3238449015%2C3314042845%2C3314042817&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1594x7535%7C0x-1%7C1600x7987%7C1600x7987%7C1594x281%7C1594x1253&msz=1594x0%7C0x-1%7C1600x-1%7C1600x-1%7C1594x8%7C1594x8&ga_vid=225748511.1639171955&ga_sid=1639171957&ga_hid=1654604327&ga_fc=true&fws=0%2C2%2C0%2C0%2C4%2C4&ohw=0%2C0%2C0%2C0%2C1594%2C1594&btvi=1%7C-1%7C0%7C0%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

deb9ddcde77a5217a5cb455fb4e4138b66236e751f5a6bba374ed0032b8864cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44563
x-xss-protection: 0
google-lineitem-id: -1,-1,5852634670,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138374289852,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.kooora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 45ms
22ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99453f14bce468436879a9c70494e0a1965769f68d41d51848e6d91f324e6268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8479
x-xss-protection: 0

GET
H2 200 container.html Show response
bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6685 6 KB
4 KB 66ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 10 Dec 2021 21:32:36 GMT
expires: Sat, 10 Dec 2022 21:32:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 24ms
24ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Dec 2021 21:32:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 10 Dec 2021 21:32:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C2D 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 10 Dec 2021 20:17:17 GMT
expires: Sat, 10 Dec 2022 20:17:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F25C 783 B
535 B 35ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2c1f9b0cb7ebe8cf14f7ef5b6eb055c9da0f473942ca0af28c73da59cf4166f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-78Dp3oS9L7eZOtsfvH5i6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 10 Dec 2021 21:32:36 GMT
date: Fri, 10 Dec 2021 21:32:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-78Dp3oS9L7eZOtsfvH5i6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C2D 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 20:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 20:14:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F25C 0
0 56ms
47ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3415468924663519&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3415468924663519&bg=!FRalFlLNAAZKWFskSlg7ACkAdvg8WsmvvVjPl8mTwpsWgf3abVsR2YZCdFNgy-OS_BRY1UmPAQFR1wIAAABDUgAAAAxoAQeZAriKKnYs2xbbpnjwM5Sr4iswGHFQ_EvexXpP6qzXqZcMLsJa1DqQ_L3nm094OYIyyQX8iHFZSWFZMdrJGXSMTZZn4tS9B21KXvEEc5Bu7K03NdjZYupU57gZ_UFwWauHiNOQkYtlhmKEFgXO5MornrATzmIGLcPRryGbRm0w4mNlEETHIWNfjTZRoB0ts35kmLZfL-Y_NEPxJ46wNDJ1NIFYsuUT0IRkfGNX5BDqOa5sEdE0sDJyHJpQ3cSGAuzCL9GYaZDjQYmEf4FThTLNwAq0A9xgoS5jNDVxXrUCkwsRhp4lU-qlfk7-qUko3PDmUPdlTAJmUX8K3F-BoiqqQrVdZqsxhwFFpoC4ZVNPmdHZLBbG-DSARb3DOVdLjh_f8WNCWGeChzS7IBSXSKKzZ2oKKoBFjGL8LwHbV3BOyx5BneKy5edrtHo_PCUYeHSTeDjPuvK6eM0Sv5UR_a6MipIPmLXCigwkOnE-x8Guf4hMIeJcPymMEAi_lqXfAMBnpjxCxXnsC8oVeN3UsIwlShCQFTR0MQ_1h50IwXctcsCK1jWnzIHoEaB5YSYN9q9aetmWgVDkeE7O0KRPM8yyUM9xfH6QPqgSDP9pLOd0pAedp4hgju-nngbA6ZX2FFLXJgf8bMy4yL0gMZMBookaCovLdaIuWkGnIvj3i-MQJGUVkXiw5scy11twvOSTVNuL32Zbk7xJRtJj3FpcThBVQlnN5-CGJDDw0ikEOTcNfBJQChHC2MJokz6vEtXynaSbA0Ake7CNnYsi26jXcCM7xWreQ3tDKn0cnz2mo5XnYMMrb1SSd6zMlW2ODbaSv5EF09bY1WXyg3Auh_TOClm8tYLKswZZ1c_VCiGQ5Hhz506MmBEf4Itf1X8XHq70ZchMcfNG2kHAha_yve1cASrBDJF5iOc9NauMsJY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
178 B 16ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: a73b1497a430021c5e5278986284162f980b5c7126a240618694ad6c70ef39e4

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 110
via: 1.1 google

GET
H3 200 container.html Show response
bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CEF6 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 10 Dec 2021 21:32:36 GMT
expires: Sat, 10 Dec 2022 21:32:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639171954446&de=541644405580&rx=451608890122&m=0&ar=180417bf1d6-clean&iw=52e9e05&q=1&cb=0&cu=1639171954446&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&bo=Kooora&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A430%3A430%3A1328%3A384&fs=196087&na=1990062716&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 200 container.html Show response
bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FADB 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 10 Dec 2021 21:32:36 GMT
expires: Sat, 10 Dec 2022 21:32:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82BA 0
0 41ms
41ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJzZtTHWkujU92KVG8XEj_AnTCdpODOcwqd1GCSajiyN8D2NtJWfHzAWg1OK-hOmlpFXj00_r2Y1_mb8dQ-hTau7K9zeQn7QBlANfFcAe_XixijcALzZ9Uz3v6TjdI-zaGP36P0wqUb7lgI0B4g0F9FqYqTyP_L37A2w_UFoqbB89n_2QebA8orr9Fo-IUYeTjatQFdJetdiL1PWfF-HF9me2ysu02RF-JW7b1rgZ1nkOY-6JN1BPL8UPUP5uTFVltsQZQ6w3uY6UrW82HJjQ2ajAVmqxecVf2ah3I2d2_ZRFrvvkuVIgkQl3gChp_T-EGrA&sig=Cg0ArKJSzLv1DyEzT8-IEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 3fa6337ffc1e0d497ac2f894b4ae7084.js Show response
scripts.cleverwebserver.com/ 145 KB
53 KB 70ms
34ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/3fa6337ffc1e0d497ac2f894b4ae7084.js
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c5095db3c914b620bf19dd83c2cb80b6c5ff0fc86115aae33184d369bc4b9dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 539
x-amz-request-id: PV73G62VKRWFFC0B
x-amz-id-2: zb0DrgwfHEYGvFO/RTBmHUUbtX521FT+WhGFhRYuAmA0IFalcd5oqbRiqwisdO5kwXZAFxf5Zv0=
last-modified: Wed, 01 Dec 2021 05:41:59 GMT
server: cloudflare
etag: W/"554bb056bd8c669f81a97864c2e48b1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: _ZjutH2wd.PkgwENdN5BsOCieWhfIrB2
cf-ray: 6bb9963c79154aaa-FRA
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82BA 119 KB
37 KB 36ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/choueirigroupdfp451918234534/ Frame 82BA 12 KB
5 KB 7ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/choueirigroupdfp451918234534/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ebcc84cb54d0f9bd1fefa967f7d0849bf0eab06e40cbf6ea2a04870ce4971d53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 19:18:50 GMT
server: AmazonS3
x-amz-request-id: 3C2D4A51JJCAJYE9
etag: "532db099e181e61b5a5261da794db9b7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=57366
accept-ranges: bytes
content-length: 4364
x-amz-id-2: WBtZPi6eBUOZtrFY4zUQ+rdtskvN77yYpzZhtJ98gBMH8uxtbDwA/2Npa5XN+cnjkgMxW+iGgio=

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=webinterstitial&wf=1&ra=3&pxm=2&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639171954446&de=31877004851&rx=451608890122&m=0&ar=180417bf1d6-clean&iw=52e9e05&q=2&cb=0&cu=1639171954446&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A5660819029%3A138345421001&cm=1&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&bo=Kooora&bd=webinterstitial&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A430%3A430%3A1328%3A384&fs=196087&na=306908504&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 192E 624 B
733 B 53ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjUwLyZATAB&v=APEucNXSWbd9lt-KjYRHqrLZU5JHa6eoW8CtfUXep2zQ5KJcHGce_xXfRLE7UXK6gpGzHrIBCDYTaLHJXbUvSJpkcds9gTMOgQ2YjzfaSuOoWZ_xq4dOlmz3ZE94S6LKSjCgr78R_Zt3eWx9W4HIgCkjpdXV69kxtMznnv_k-OnqeT-bjceEi2E

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 10 Dec 2021 21:32:37 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CEF6 75 KB
31 KB 98ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Am_Jjx0ayWWJq6IM0HnWyE0iwMh_w3wmGhyN_FlB1Ox5M20EIqYWjJBKtjLRJFC--I6CJg4r6ov2ox2VrZjcN6cjTSeQE8wl93z-Gt7p3fYOuQO70bqUVSfTcJ_uMPtbXhCjHpG21ogct4ycLgXnyX4GJjAA&dbm_d=AKAmf-BFBKOXCHymhmbPjlWQiLRSOBDTQJsFrNB4OnncFL9_pfx4QTAej1sRZ9O4ur1kFzmlFhf-OwmutCnb7HF7cz_9brT0v56dd8w6uPBwYCWkTM-VvBPcCfxPg0ZvMJZeM9QOUO9SMrY0IJ1sojmtBRSU8A1koWXSiEduk2uCu-BfnoQYtZ4cMcCk9VaUGkqAtFW4aTTw25m0iDNklWUIU-Aj_n86fJ5ZBA7MLGlucgLYYb2WThfOUt2AjBCtMKWPYmm-hUOi2sEJ5-nq8jwPKiKmITugYoMTLDaii-dldGglMkkwEU91wI43n_a3WTmERZ7D3MBuwoHdMeLWRqi2s_JLQOHjWexAvS3z7XzeL3kDcFgMQYcEX59esHCIFyLsce3JX7jSgjeqM0E4vZJaAeLH6VRHzRElpCOvEI8u4CncMWaYh11Yw9j1EvTZUhRusnzqQuBqlhd4a65-sPDRXPWLd7wjbKSRZn7f4Cx_0VzvTkhJjPPoikBXyt9h8hvVVuaGu4-cv6BG6TD6ptpraxN-3YkmEH6bRHUQIfefdUTSnSVoYDQ1v6haRUMlMLYg0xBPPyYq6dRvd0QuszV9TRLqMjvupLNA01-cqW8mywQ8LBcAIbJmgDCIavrh-RFcFCmdWbkFXI8JnN8hdFoPDAYeq96zT6gqVZjVqzKoyeNLggvSRzfk1SngEIEXPEZ_UePbK1bqj5Y7eueAJJ_SawhGUzmzh0vCj_luUZp3u7jrmA4nCiSWkVgNzH6f_WNpVCBxxs-wUDeLG6Qv4Mnb8DXXYkNxgwSuzJLT1_rgZtYjV7HLSEkCIcTTTl7EftbEMrvgH3Q3iQSVzew3BR0_ii2HobQ11WHwCeYahkr4ggWwVY7J9fzSFVHKU9t_hHHksY4eOp-wLvEmN5wP48RmyZVH2auwNtBVG1pa4B8uflvwuObtx6dr_teRs5hI6H2YgDV4sN5TlRUlzCNzWKfcFO1cD0t_G4lj1t7pAhMckQNlB6pHiAjkm33Byq390LSZhgsU4zWtFlO2_9FeFNcUO0Ch8V51W44e_az7PLqrrBclsSoQ_1LaS7-mCyzBx0a8QMTVMbv-49idHD5uEnsY7tu0L8qmkdEMP84WEfTp4pR31MPhrYrsGaLSvOewGr7iDefeDDpha-nzLTJllc1FPL58VT1c_ZdKmXGt9h2MKIZQACCwf_aDPp9Jgtyz-z6J5n52nZAU69iaEiH_gAjUZnhpmY6juwp8ESqnfJJZo79J6-9xgKLHj2W9dYT_BvUsdMbDaVGFhvc3Wxqd1ku2JK8N6ap-SlRltBzopX86S8JZsss5FcMfUIzNlPJ1d769iewHZrwIpEdlgR56GvC6GAheBbEq1-29Xl-LqCjI7KeJzU57pEzYXc9iQp6cmBvlneXlLRgpaOFLozq_gv0k_t5iOkGvGe7i9YA6yECLu1lRTMO2kpY2pIJY4L6X_hwYdnByIxQfuL7D0Je9RHorzv0VwLYVDWcR67CX0pbtehSBRWabEQS_-0Y8rDfhwxBMC6O1K-pgbSL59ax0-7JYXZucPemQN-WD2f_hcD4jzXS4Rf9vbUuBAYEdnLMITHcWg_6X1L5CLUmc6Pfw0V0BuaeKUAfBLVDbvzVLVKz895e_gHQM1mpIsc0fBuT3ou1hTM_ApV-v-yR19RhfgSe2iikAc773cUxxHUFJBTMTcTxOru8XcSQOtVIcW9f2lI0bDPBkKonKZqj9PHysTb9ixIKwCRNfoWSSwQ1dA_3KMOPh39ys4tnMQ5dmfhuxtJYVtIxtYZ7nHOjv6L1OSczA8oT39lXvG8x0UX_q6O4IgLgIDrU9ffzMp944exMN8GYddtLLpP23_mFU5gtBjhwo-gkktd7WiNm27JZ2cyJhtB6ed1RB1G7mMLfOKK5kPlpo21R0bKYDccjvj83_aw-uI4ONVadNBVZ9LhbZVJlHmPhMBZNfshmrqm8L2bme-t7FG_JRDMi992I7j2jhyo61yUJxNK_kjCZoql9l0zMPNDPYamOjQ0jfM1GZGu7wHuINLZxKJbZtvn2AoKg-lAD2MsYbwx88Pzxbvria42ijwNgZUtQ99mwxqiUSZyLbvlnaeIkCYaiAktGowDX9hhsUqCe0fl4c33r9K7ZbH97vEyD6My4HMLrtEtNMuRR6hqyjVfsMwnVKwENRXqWSHCAwMEosFFsMb6rnmCaSxm22GMtkQ8CIRa0c8ffQ7ylct5IWuS6JlfRsmZqSRFv-7tj0GbNYCuTf34X9gJIauxpUhYVaPU28RS6pPu443mW0sNLKJil43NMMF91sbVOjLmSTLvPMLb2kw1zLBb2E_H0dbwuCw05XFZBq-iBfxqCGBCfTUku5P3dMxDXajiXHeRtH0hBkBA7-2YZVVjlUidFUuMxBanmrCTGF4mwOfMuOx72wo2N1XwmopkeUJeOK56tjdKxr-7k_YaqllW0KmjkMYWYGX05Xu7-xdSwZtTwaU3KdJeafX_EsYUqu4L8GMyiP869WO3VZXundfjJbT2s7ac0BZ_1Xvt8oyx88xNxFlA-wjfRAr6WToxie3uAnMmcpyUWlp4COGZJBZZAsMLhA4J1Nhjm2p-vase8uBVrvXJCv0nr4IugCEYX4d5gOGwucz-Z-Y4Ir3hPjCFVmbyB7QT5m1dearuusx0iqJiH5y3tu_2gLlEOomnF8l1LVhxKi3oRIQbgUZRJKCaBDI5JS4CmXtObHh4XQYCurC3UheHen7SaKd8u3nSLB1gSzQyeYjI1ahJvjKHejatnlHNDqM0umctdbKk4-S1dPUWHTRVscFG4k_INYDdVjCjtJt9Jm-Xqg5TU9jnqnAegvPI_G7zrQqznmrNCSfG6X9357CHDO1RGVM5zc70739sA8pYHHHeC3BqzahId8zwB8wvYTn7bjBZ0T65LLTIGnZroYqfLYnx6BH92zHwarvHsWxaHhvEnigJAJDBn9wiMDeXhBszSL-k7HcaFOTF-xeZ8VxiJYRReOXlHiIAQcrNxq91zOy12CrSrdKzJssOBIYQ3s7hca7BUfLr2gGuHE8vt-TCeo6ADMIMFsUUwndi8a0-IsvD7KQMFeEE-GJkrvqriwH71e10rW3qk&cid=CAASEuRoQRN-N-NaYXOaJWDv9LOJfw&rfl=1%2Chttps%253A%252F%252Fm.kooora.com%252F%240

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

438c9d3c2003c03f0c8a5414323b96061d09f6feb5ad1fccf0bbf04f88628e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEF6 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpXq_x4H39elVbIeIIpS5lCc12jcJ2sWmIhVRndgRlRavSqo4LqpkFNwxPMfkf0jnHYekDsTKLaQDkOK372vmXJ-eLnLhy-4yTD9MxVwAX3f4GDaU

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CEF6 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:30:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEF6 119 KB
37 KB 24ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CEF6 15 KB
6 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:29:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CEF6 0
0 17ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxWSgKA_gRXyowqPA6kx-pilmkslOdTuqGPz_ImQC7bPhkEzzw-hRMexSHOvksZ1X-KolHgsOEdwNVuRrjWHf70bKKtA
Requested by: Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame FADB 4 KB
1 KB 47ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 20:41:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 21:32:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D4CC 1 KB
880 B 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:24:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame D4CC 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:29:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D4CC 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:30:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4CC 119 KB
36 KB 19ms
19ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D4CC 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:29:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D4CC 0
0 17ms
16ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9OvNzFKcs493_SSY1-RMdyhTYPwZ-irT6a8QdIKrQ-9ifKP-60ncch8fR7Gmrx8WbIkh6bYcfbt7IuUKrVcTQ31Ap4A
Requested by: Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame D4CC 27 KB
12 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 19:06:50 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame FADB 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:14:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FADB 205 B
519 B 34ms
9ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 09:26:00 GMT
x-content-type-options: nosniff
age: 43597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 10 Dec 2022 09:26:00 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FADB 604 B
695 B 34ms
9ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:10:59 GMT
x-content-type-options: nosniff
age: 22898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 10 Dec 2022 15:10:59 GMT

GET
DATA 200
OK truncated
/ Frame 82BA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97c3a778394344f831e075ac9f1414f6d86628d77dca76c6caea59dcf6fa3a10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame 82BA 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=CHOUEIRIGROUPDFP1%3A223617791%3A224594951%3A-&de=698908722516&t=1639171957242&i=MOAT_FEATHER_DEBUG1&gw=choueirigroupdfp451918234534&cm=1&ac=1&f=0&bq=0&ar=0f32f0cf010-clean&iw=a94a84d&dMoatOQs=moatClientLevel1%3D4623254331%26moatClientLevel2%3D2947449358%26moatClientLevel3%3D5852634670%26moatClientLevel4%3D138374289852%26moatClientSlicer1%3D223617791%26moatClientSlicer2%3D224594951%26zMoatAdSlot%3DSkinning%26zMoatMSafety%3Dsafe%26zMoatMGV%3DslotNoSlotData%26zMoatTPC%3D%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%26zMoatPlatform%3Dweb%26zMoatSTPC%3D%26zMoatPS%3Dinskin%2Cjustpremium%26zMoatMMV%3DslotNoSlotData%26zMoatSZ%3D1x1%26zMoatPT%3Dhomepage%26zMoatMData%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=1607572879&cs=0
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 9ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP1&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639171954446&de=491352603042&rx=451608890122&m=0&ar=180417bf1d6-clean&iw=52e9e05&q=3&cb=0&cu=1639171954446&ll=2&lm=0&ln=0&em=0&en=0&d=4623254331%3A2947449358%3A5852634670%3A138374289852&cm=1&zMoatSZ=1x1&zMoatPS=inskin%2Cjustpremium&zMoatBLOCK=true&zMoatMMV_MAX=slotNoSlotData&zMoatMData=1&zMoatMSafety=safe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatTPC=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&zMoatSTPC=-&zMoatPT=homepage&zMoatNative=-&zMoatSlotName=-&zMoatPlatform=web&zMoatAdSlot=Skinning&zMoatCURL=m.kooora.com%2Fdefault.aspx&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&bo=223617791&bd=224594951&zMoatOrigSlicer1=223617791&zMoatOrigSlicer2=224594951&zMoatDomain=kooora.com&zMoatSubdomain=m.kooora.com&dfp=0%2C1&la=224594951&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A430%3A430%3A1328%3A384&tz=Skinning&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=safe&fs=196087&na=1877609105&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B60 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 10 Dec 2021 05:53:44 GMT
expires: Sat, 11 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 56333
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
v2-ui.cleverwebserver.com/ 144 B
186 B 78ms
68ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2-ui.cleverwebserver.com/
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea0502231c3a134cc21090a3f9b131fd3d7e3bc2628caf62974307ed990ab03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6bb9963d2a434aaa-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82BA 0
0 42ms
42ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6RzkwTng8r9_4EmJssEkI6vRii989gp3I8AwBRj2Df0mnL0O7Y6E1FQIPl65uwPJ3-C3K-PN8qwGHwoZpuu72cBTVfvegBlFzM-O4YL-mVmlUIX1-rpE7KEqc_7OsgWTuLd5l_nesFA3i6Mc5Y2M_k_-vTghty7BX8C4rvl-QAb-zXil5sb8woLJerV18GfbIKOoZEaBCVLGyq8R7EeloKdz9QiyGvEuZiKZEjLQO84V1LF_OIBiMPdlCxh2S_KEH-lAbJgG0D-D5WaEAPst8vDzSfVfngLw-v4Kl8vwy0qDWkZq8Gw&sig=Cg0ArKJSzJAR4Uy--R2sEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fm.kooora.com%2FBODY&i=CHOUEIRIGROUPDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-E0xt5j9Bn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-odKx0GC5X%2FcYUw%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&pcode=choueirigroupheaderdfp445340272806&rx=451608890122&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&wp=3&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=1200&w=1600&rm=1&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&f=0&j=&t=1639171954446&de=491352603042&cu=1639171954446&m=2804&ar=180417bf1d6-clean&iw=52e9e05&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8047&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A430%3A430%3A1328%3A384&as=0&ag=43&an=0&gf=43&gg=0&ix=43&ic=43&ez=1&aj=1&pg=100&pf=0&cc=0&bw=43&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=85&cd=0&ah=85&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4623254331%3A2947449358%3A5852634670%3A138374289852&cm=1&bo=223617791&bd=224594951&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=223617791&zMoatOrigSlicer2=224594951&zMoatDomain=kooora.com&zMoatSubdomain=m.kooora.com&dfp=0%2C1&la=224594951&zMoatSZ=1x1&zMoatPS=inskin%2Cjustpremium&zMoatBLOCK=true&zMoatMMV_MAX=slotNoSlotData&zMoatMData=1&zMoatMSafety=safe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatTPC=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&zMoatSTPC=-&zMoatPT=homepage&zMoatNative=-&zMoatSlotName=-&zMoatPlatform=web&zMoatAdSlot=Skinning&zMoatCURL=m.kooora.com%2Fdefault.aspx&zMoatDev=Desktop&hv=WALLPAPER_RELATIVE&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=Skinning&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=safe&tc=0&fs=196087&na=262590450&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 192E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1&C=1

43 B
894 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjUwLyZATAB&v=APEucNXSWbd9lt-KjYRHqrLZU5JHa6eoW8CtfUXep2zQ5KJcHGce_xXfRLE7UXK6gpGzHrIBCDYTaLHJXbUvSJpkcds9gTMOgQ2YjzfaSuOoWZ_xq4dOlmz3ZE94S6LKSjCgr78R_Zt3eWx9W4HIgCkjpdXV69kxtMznnv_k-OnqeT-bjceEi2E
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 10 Dec 2021 21:32:37 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 192E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbPHdf-1RgdGgbS263nxDwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjUwLyZATAB&v=APEucNXSWbd9lt-KjYRHqrLZU5JHa6eoW8CtfUXep2zQ5KJcHGce_xXfRLE7UXK6gpGzHrIBCDYTaLHJXbUvSJpkcds9gTMOgQ2YjzfaSuOoWZ_xq4dOlmz3ZE94S6LKSjCgr78R_Zt3eWx9W4HIgCkjpdXV69kxtMznnv_k-OnqeT-bjceEi2E
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 10 Dec 2021 21:32:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnNFKyN2Bd3kDj38nWpGZQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 192E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJPrJhY-oOxkINN2Yf_f2u4&google_cver=1

43 B
1006 B

39ms
15ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJPrJhY-oOxkINN2Yf_f2u4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjUwLyZATAB&v=APEucNXSWbd9lt-KjYRHqrLZU5JHa6eoW8CtfUXep2zQ5KJcHGce_xXfRLE7UXK6gpGzHrIBCDYTaLHJXbUvSJpkcds9gTMOgQ2YjzfaSuOoWZ_xq4dOlmz3ZE94S6LKSjCgr78R_Zt3eWx9W4HIgCkjpdXV69kxtMznnv_k-OnqeT-bjceEi2E

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:37 GMT
X-Proxy-Origin: 168.119.25.193; 168.119.25.193; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 139a6ee5-379f-4801-b25d-c0cf34a923a2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJPrJhY-oOxkINN2Yf_f2u4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 192E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTY2OTYxOTAwNDk3NzM0MQ%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTY2OTYxOTAwNDk3NzM0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:37 GMT
X-Proxy-Origin: 168.119.25.193; 168.119.25.193; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 10d5e451-2b34-4308-92cc-3e84b1972c36
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAxOTY2OTYxOTAwNDk3NzM0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 51316.php
sender.clevernt.com/transporter/ 43 B
101 B 180ms
71ms Image
image/gif 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sender.clevernt.com/transporter/51316.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly9tLmtvb29yYS5jb20vZGVmYXVsdC5hc3B4&ruri=&r=668215975&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.003&cc=1&iv=-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Rio Tinto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS: are.clevernt.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
server: nginx
content-type: image/gif

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame CEF6 169 KB
59 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
Origin: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 15:45:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame CEF6 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Am_Jjx0ayWWJq6IM0HnWyE0iwMh_w3wmGhyN_FlB1Ox5M20EIqYWjJBKtjLRJFC--I6CJg4r6ov2ox2VrZjcN6cjTSeQE8wl93z-Gt7p3fYOuQO70bqUVSfTcJ_uMPtbXhCjHpG21ogct4ycLgXnyX4GJjAA&dbm_d=AKAmf-BFBKOXCHymhmbPjlWQiLRSOBDTQJsFrNB4OnncFL9_pfx4QTAej1sRZ9O4ur1kFzmlFhf-OwmutCnb7HF7cz_9brT0v56dd8w6uPBwYCWkTM-VvBPcCfxPg0ZvMJZeM9QOUO9SMrY0IJ1sojmtBRSU8A1koWXSiEduk2uCu-BfnoQYtZ4cMcCk9VaUGkqAtFW4aTTw25m0iDNklWUIU-Aj_n86fJ5ZBA7MLGlucgLYYb2WThfOUt2AjBCtMKWPYmm-hUOi2sEJ5-nq8jwPKiKmITugYoMTLDaii-dldGglMkkwEU91wI43n_a3WTmERZ7D3MBuwoHdMeLWRqi2s_JLQOHjWexAvS3z7XzeL3kDcFgMQYcEX59esHCIFyLsce3JX7jSgjeqM0E4vZJaAeLH6VRHzRElpCOvEI8u4CncMWaYh11Yw9j1EvTZUhRusnzqQuBqlhd4a65-sPDRXPWLd7wjbKSRZn7f4Cx_0VzvTkhJjPPoikBXyt9h8hvVVuaGu4-cv6BG6TD6ptpraxN-3YkmEH6bRHUQIfefdUTSnSVoYDQ1v6haRUMlMLYg0xBPPyYq6dRvd0QuszV9TRLqMjvupLNA01-cqW8mywQ8LBcAIbJmgDCIavrh-RFcFCmdWbkFXI8JnN8hdFoPDAYeq96zT6gqVZjVqzKoyeNLggvSRzfk1SngEIEXPEZ_UePbK1bqj5Y7eueAJJ_SawhGUzmzh0vCj_luUZp3u7jrmA4nCiSWkVgNzH6f_WNpVCBxxs-wUDeLG6Qv4Mnb8DXXYkNxgwSuzJLT1_rgZtYjV7HLSEkCIcTTTl7EftbEMrvgH3Q3iQSVzew3BR0_ii2HobQ11WHwCeYahkr4ggWwVY7J9fzSFVHKU9t_hHHksY4eOp-wLvEmN5wP48RmyZVH2auwNtBVG1pa4B8uflvwuObtx6dr_teRs5hI6H2YgDV4sN5TlRUlzCNzWKfcFO1cD0t_G4lj1t7pAhMckQNlB6pHiAjkm33Byq390LSZhgsU4zWtFlO2_9FeFNcUO0Ch8V51W44e_az7PLqrrBclsSoQ_1LaS7-mCyzBx0a8QMTVMbv-49idHD5uEnsY7tu0L8qmkdEMP84WEfTp4pR31MPhrYrsGaLSvOewGr7iDefeDDpha-nzLTJllc1FPL58VT1c_ZdKmXGt9h2MKIZQACCwf_aDPp9Jgtyz-z6J5n52nZAU69iaEiH_gAjUZnhpmY6juwp8ESqnfJJZo79J6-9xgKLHj2W9dYT_BvUsdMbDaVGFhvc3Wxqd1ku2JK8N6ap-SlRltBzopX86S8JZsss5FcMfUIzNlPJ1d769iewHZrwIpEdlgR56GvC6GAheBbEq1-29Xl-LqCjI7KeJzU57pEzYXc9iQp6cmBvlneXlLRgpaOFLozq_gv0k_t5iOkGvGe7i9YA6yECLu1lRTMO2kpY2pIJY4L6X_hwYdnByIxQfuL7D0Je9RHorzv0VwLYVDWcR67CX0pbtehSBRWabEQS_-0Y8rDfhwxBMC6O1K-pgbSL59ax0-7JYXZucPemQN-WD2f_hcD4jzXS4Rf9vbUuBAYEdnLMITHcWg_6X1L5CLUmc6Pfw0V0BuaeKUAfBLVDbvzVLVKz895e_gHQM1mpIsc0fBuT3ou1hTM_ApV-v-yR19RhfgSe2iikAc773cUxxHUFJBTMTcTxOru8XcSQOtVIcW9f2lI0bDPBkKonKZqj9PHysTb9ixIKwCRNfoWSSwQ1dA_3KMOPh39ys4tnMQ5dmfhuxtJYVtIxtYZ7nHOjv6L1OSczA8oT39lXvG8x0UX_q6O4IgLgIDrU9ffzMp944exMN8GYddtLLpP23_mFU5gtBjhwo-gkktd7WiNm27JZ2cyJhtB6ed1RB1G7mMLfOKK5kPlpo21R0bKYDccjvj83_aw-uI4ONVadNBVZ9LhbZVJlHmPhMBZNfshmrqm8L2bme-t7FG_JRDMi992I7j2jhyo61yUJxNK_kjCZoql9l0zMPNDPYamOjQ0jfM1GZGu7wHuINLZxKJbZtvn2AoKg-lAD2MsYbwx88Pzxbvria42ijwNgZUtQ99mwxqiUSZyLbvlnaeIkCYaiAktGowDX9hhsUqCe0fl4c33r9K7ZbH97vEyD6My4HMLrtEtNMuRR6hqyjVfsMwnVKwENRXqWSHCAwMEosFFsMb6rnmCaSxm22GMtkQ8CIRa0c8ffQ7ylct5IWuS6JlfRsmZqSRFv-7tj0GbNYCuTf34X9gJIauxpUhYVaPU28RS6pPu443mW0sNLKJil43NMMF91sbVOjLmSTLvPMLb2kw1zLBb2E_H0dbwuCw05XFZBq-iBfxqCGBCfTUku5P3dMxDXajiXHeRtH0hBkBA7-2YZVVjlUidFUuMxBanmrCTGF4mwOfMuOx72wo2N1XwmopkeUJeOK56tjdKxr-7k_YaqllW0KmjkMYWYGX05Xu7-xdSwZtTwaU3KdJeafX_EsYUqu4L8GMyiP869WO3VZXundfjJbT2s7ac0BZ_1Xvt8oyx88xNxFlA-wjfRAr6WToxie3uAnMmcpyUWlp4COGZJBZZAsMLhA4J1Nhjm2p-vase8uBVrvXJCv0nr4IugCEYX4d5gOGwucz-Z-Y4Ir3hPjCFVmbyB7QT5m1dearuusx0iqJiH5y3tu_2gLlEOomnF8l1LVhxKi3oRIQbgUZRJKCaBDI5JS4CmXtObHh4XQYCurC3UheHen7SaKd8u3nSLB1gSzQyeYjI1ahJvjKHejatnlHNDqM0umctdbKk4-S1dPUWHTRVscFG4k_INYDdVjCjtJt9Jm-Xqg5TU9jnqnAegvPI_G7zrQqznmrNCSfG6X9357CHDO1RGVM5zc70739sA8pYHHHeC3BqzahId8zwB8wvYTn7bjBZ0T65LLTIGnZroYqfLYnx6BH92zHwarvHsWxaHhvEnigJAJDBn9wiMDeXhBszSL-k7HcaFOTF-xeZ8VxiJYRReOXlHiIAQcrNxq91zOy12CrSrdKzJssOBIYQ3s7hca7BUfLr2gGuHE8vt-TCeo6ADMIMFsUUwndi8a0-IsvD7KQMFeEE-GJkrvqriwH71e10rW3qk&cid=CAASEuRoQRN-N-NaYXOaJWDv9LOJfw&rfl=1%2Chttps%253A%252F%252Fm.kooora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:22:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame CEF6 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 21:21:32 GMT

GET /
google2waycm.netmng.com/cm/ Frame 3B60 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B60
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WUlMeWtpM1gxTVZOdm41&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&google_cver=1&google_push=AYg5qPIh8vwFZGSpTrfJMiT1r6O2Gzk0T0ztV0mquKE8KhQ...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WUlMeWtpM1gxTVZOdm41&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&google_cver=1&google_push=AYg5qPIh8vwFZGSpTrfJMiT1r6O2Gzk0T0ztV0mquKE8KhQqojq81kFbLeTfmhG3U9iwAadXOVHSl-Wo2G4s1pOaq4XZ8iA6bVFUVw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 21:32:36 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WUlMeWtpM1gxTVZOdm41&google_gid=CAESEPsZerpGlNk2cp-dqZIh1pM&google_cver=1&google_push=AYg5qPIh8vwFZGSpTrfJMiT1r6O2Gzk0T0ztV0mquKE8KhQqojq81kFbLeTfmhG3U9iwAadXOVHSl-Wo2G4s1pOaq4XZ8iA6bVFUVw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B60
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBLKXk4I6UvU_siIh68s5HM&google_push=AYg5qPLinSV-ntAn5pHJaQ9fku9XDF4HhOH3N2qV6U_U7ZUFLGDfqEVfZd...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBLKXk4I6UvU_siIh68s5HM&google_push=AYg5qPLinSV-ntAn5pHJaQ9fku9XDF4HhOH3N2qV6U_U7ZUFLGDfqEVfZdl73PQC9Qx2SqJKsSTcEHFfK-ZqMJWpiaAA3lZx2AKM

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1639171958.537098,VS0,VE93
x-served-by: cache-fra19161-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBLKXk4I6UvU_siIh68s5HM&google_push=AYg5qPLinSV-ntAn5pHJaQ9fku9XDF4HhOH3N2qV6U_U7ZUFLGDfqEVfZdl73PQC9Qx2SqJKsSTcEHFfK-ZqMJWpiaAA3lZx2AKM
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3B60 70 B
264 B 35ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFfot00pId8aySNiDKUuuSI&google_cver=1&google_push=AYg5qPJb1MYqKqmjmroHhw34Pq3tGGoo2AiWMQ6Bio0Gk57W1JefIcv84pm3PrvOlfbNhPEoaKHek6aqxeCWOknzuuPrSMBMTbdrwQ
Requested by: Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B60
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPJCu7V-ogR2gD7Iqole8W8&google_cver=1&google_push=AYg5qPK5JCSyBHMc0plsU2yWadxnDUWE6IU5LqnMRoiINJNPeqv9eJBkXUtiHtfTAxmdVwVp3yTDFRpL4Cy4cZ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDE4OTk0Nzg0OTQwNjYwNw%3D%3D&google_push=AYg5qPK5JCSyBHMc0plsU2yWadxnDUWE6IU5LqnMRoiINJNPeqv9eJBkXUtiHtfTAxmdVwVp3yTDFRpL4Cy4cZyNEZ...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDE4OTk0Nzg0OTQwNjYwNw%3D%3D&google_push=AYg5qPK5JCSyBHMc0plsU2yWadxnDUWE6IU5LqnMRoiINJNPeqv9eJBkXUtiHtfTAxmdVwVp3yTDFRpL4Cy4cZyNEZQCXBh-EEmZEw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDE4OTk0Nzg0OTQwNjYwNw%3D%3D&google_push=AYg5qPK5JCSyBHMc0plsU2yWadxnDUWE6IU5LqnMRoiINJNPeqv9eJBkXUtiHtfTAxmdVwVp3yTDFRpL4Cy4cZyNEZQCXBh-EEmZEw
Date: Fri, 10 Dec 2021 21:32:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B60
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDKPJtDDn5ZS2lvH9_0pjoQ&google_cver=1&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7z3k-W...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDKPJtDDn5ZS2lvH9_0pjoQ&google_cver=1&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcwMTk4MTYwMjYwNjA5MjIwOA&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7z3k...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcwMTk4MTYwMjYwNjA5MjIwOA&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7z3k-WBxVXSE9ua0Dl1n7EGYWx

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcwMTk4MTYwMjYwNjA5MjIwOA&google_push=AYg5qPLRKKwUUrwi2vyi__N573Ww-AwyLmjfNhKuoVYNVtoLsxH2HJqDNJQl96yoUvx314nstI7z3k-WBxVXSE9ua0Dl1n7EGYWx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 3B60 43 B
577 B 36ms
15ms Image
image/gif 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEOX8aF_4a151hjmgBWvq02k&google_cver=1&google_push=AYg5qPJIGt0KDxALH3VJHYiZtVlICNJe1wkVt7jY29t9tsBiYQuSssotLMbz7iJjhAKhfL54MZkZ8nNXXAbYAaAQFTxHoMgWYkzoRQo

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 21:32:37 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B60 0
12 B 16ms
15ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1SV20UGhW5obZjH_PBMpt2UnpepufgdwsYI3cFf0Y_7yNB8zz9LrnpZ_xbSWz3Lb57zaQuA

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CEF6 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 18:05:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DC50 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 10 Dec 2021 05:53:44 GMT
expires: Sat, 11 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 56333
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CEF6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 627d6c92f040deebff6b55ac012b236674e5decf2e032f435c6fbd717af108da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E64E 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 18:05:45 GMT
expires: Fri, 09 Dec 2022 18:05:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 98812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/6733025751471226880/ Frame 37EB 42 KB
10 KB 31ms
16ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c69e46e5a864667e590268d62982120844a496f5c48394e826289e284927332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:37 GMT
expires: Sat, 10 Dec 2022 21:32:37 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 11 Jun 2021 18:32:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEF6 0
215 B 65ms
50ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttvdm9tWg47jyXXpxgXyWC41KumYusdE7XEAGlJ-TdAiqEkUw2Sc0tlZP7U_rZ7WGKFfh-UCYQKVhHXjC9nAYWC4je1OPykLKSpv45odOO3FDkZU8SLhQEhjmLScANHtvmrg_dt57lAwrRsu58fcvr2Gcu2P9LLWL0dU04wjcBbcyT3wB2aNJiPSMozrLC3LXwPWlhWN0ccmlTrr6xEkrk_SQZU-06ujapn7CWnoXsTKdc5UX0AIyQAwrs7dAAUI6IJ2LiovxUnPGLe05vde4l19ceIpBoZSbczIz9Gc5iICUeNPpGiFtlthN7cDBiEyG66du56N2gGWWKYo8yVj-tDBkbUpVNnBq3_FUr4SUs0d6zdwa7MTmhm6mlFPOZnR1TYtBKSI17l1qk0C24NJyKmWTYJV6Uywncd68-CeuHyoqD3D-lzFBxWQ9kDQQxQfeEBcyh9i57YWaiOEvcWs61jGgaSTootk7PHLXPO5AsMvWXYnBVRBnoVJ_VjaSJJLSD1uzYQALLGdSMaz4qXPlCIn6wa_oAYmS7UlGT5CTd4YtGDcDQk_dLD1FHzdzqUxqiyGtpP6ZuUGc6ZvnLLIL9iYkgQAiAwKXHvj4tTZs1YDQc9walws5cs18-5gvLL7LM7F4vsy0yyGsl6GC3cwrl-DY2hC1pKxs0UVnF_eRRfCjve9EZ92bFR8RGkoa3L6H0xJ68DN1eT0zwHw8bFlWagN7pLKJld02IGNpmbQjpuDHyWGkYOXTewS6ESRWd9wfCuhIT4KQOwH5l7KeZOYskpt3LhZEJCrIBQQJQnfbNp47qbz5tfG_eyaR4BWrD6symGAI0Tjy4VCz9uAkl9K1MJMFVurlgJ6IaK8Zi3aph5IvwbhzznUHyAiCCymieJ9xdgjQ9aP2-77tLyeRyteZKUT5jZR-I_TNa3hrSO1UZdvcjT5pB8Bb6Ow-S9W0_Go--UUIuzLewfX2sF3h2LdYvBGhtqeY1u_tOLXVHKliVaZiUbpVhd0ziNfG4WfjN_Dtvm_k-AEEjKypsUHYQp0BvuPCO0Nh4-esf0V1xFki5M7SgJjeRYYhY_C7MuHChzHnD5oV94t5zzGVFLNsq9ExiyjLaPhPO9CvJd-1TTxY5v2qeA97StW0BB3Wsypoo6s8vo2PhGPTDESCOiv3LVinvGlM0SjI0x-8hLU-miHTnmUzFgenkv1FJC0L1g26Rc1X138zwF9U0f69fHTQiMV9mAlTuR_cYpzV-_Dc&sai=AMfl-YR-n7MHaqJdKXxSVouRbPl6_hLi-GapxOaj1yQSzWbhcQwwijxnMCaEZKyKj-_GdUf-jjIN9tJEPTjr2kkEy7Stj_VveUYIq4xJZRTGPi0J0HsDy4LiXJ0hFh4S0eWq-05bx8LxAt9w4QQW1WOS8woP5FU9qg&sig=Cg0ArKJSzLpal6YFK32fEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=90&cbvp=1&cstd=84&cisv=r20211207.68197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 10 Dec 2021 21:32:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame DC50 70 B
264 B 35ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFfot00pId8aySNiDKUuuSI&google_cver=1&google_push=AYg5qPJUPdlTWewfjQDT7wLSyhjH8Ae5SKiJod316F91Jz9O7UD3ECSYqIUGCSwtYsF0iOaJMsbLrWv2G68uQhnXcfHGcp3V7A
Requested by: Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC50
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJXgjba3Q0AbTDxXApi2UU8&google_cver=1&google_push=AYg5qPKwYClgv8ofvaSoFby9wN36ZIechlt7_8QH7VnV810hpzAEFfMAC-kdxT6spQ93y0hZgCconQ5SOPC...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKwYClgv8ofvaSoFby9wN36ZIechlt7_8QH7VnV810hpzAEFfMAC-kdxT6spQ93y0hZgCconQ5SOPCHfZ4ia_S1YjLERO4&google_hm=tS73I6AGQYej4pJRFV5W-8E

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKwYClgv8ofvaSoFby9wN36ZIechlt7_8QH7VnV810hpzAEFfMAC-kdxT6spQ93y0hZgCconQ5SOPCHfZ4ia_S1YjLERO4&google_hm=tS73I6AGQYej4pJRFV5W-8E

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKwYClgv8ofvaSoFby9wN36ZIechlt7_8QH7VnV810hpzAEFfMAC-kdxT6spQ93y0hZgCconQ5SOPCHfZ4ia_S1YjLERO4&google_hm=tS73I6AGQYej4pJRFV5W-8E
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame DC50 0
141 B 38ms
15ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKsU3xIm8NZeJXhYagXXF_k&google_cver=1&google_push=AYg5qPKl4kNYXcS_F48UMjCLKFUJeHxoR2C2I0Np-Nlea7I6uSCvOcBdm4vhoiWrai6bp9rR7BUmfmWcllAr36EtjQR0zfxkzQ
Requested by: Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC50
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENN7j2vnM_fZPSA0b0F_XDE&google_cver=1&google_push=AYg5qPLqyHP6zM2BvEI1N63gL7he33gMo1ntkdO6NgBu90In7RVJ_WAsN9lZNN0OKVoR2zUcPdOqnVsVj1US5IZnwDkC93x8Hw
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLqyHP6zM2BvEI1N63gL7he33gMo1ntkdO6NgBu90In7RVJ_WAsN9lZNN0OKVoR2zUcPdOqnVsVj1US5IZnwDkC93x8Hw&google_hm=NTM2MTQ1NzQ4MjUwNTgzODE0

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLqyHP6zM2BvEI1N63gL7he33gMo1ntkdO6NgBu90In7RVJ_WAsN9lZNN0OKVoR2zUcPdOqnVsVj1US5IZnwDkC93x8Hw&google_hm=NTM2MTQ1NzQ4MjUwNTgzODE0

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 10 Dec 2021 21:32:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLqyHP6zM2BvEI1N63gL7he33gMo1ntkdO6NgBu90In7RVJ_WAsN9lZNN0OKVoR2zUcPdOqnVsVj1US5IZnwDkC93x8Hw&google_hm=NTM2MTQ1NzQ4MjUwNTgzODE0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3 200 dot.gif
s0.2mdn.net/ Frame DC50 43 B
65 B 15ms
15ms Image
image/gif 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEPAipUyglA0gxDu06f0mOlc&google_cver=1&google_push=AYg5qPJIzlazJOjk5G7TmH3sHkNl_pIIki80ZVpfMzLL-w_39oFBpS49vwqJ0dbKTPOBcXJ59-yRpYZzqZBOtw-AgEU0oWURX5A

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 21:32:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC50
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAzNLMqJaxolnGVUcBqvQ-E&google_cver=1&google_push=AYg5qPLPVJr_pm7BO9W7MDQSLcwQ5RLLVp_-DYvPKsxhSc_Bw2nTXt43JjBp91bHnhP2iV1hRjY...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1gwV05UMVItMTctODZESg==&google_push=AYg5qPLPVJr_pm7BO9W7MDQSLcwQ5RLLVp_-DYvPKsxhSc_Bw2nTXt43JjBp91bHnhP2iV1hRjYWT9lJLjhmjYPn5PLY27zWrEg

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1gwV05UMVItMTctODZESg==&google_push=AYg5qPLPVJr_pm7BO9W7MDQSLcwQ5RLLVp_-DYvPKsxhSc_Bw2nTXt43JjBp91bHnhP2iV1hRjYWT9lJLjhmjYPn5PLY27zWrEg

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1gwV05UMVItMTctODZESg==&google_push=AYg5qPLPVJr_pm7BO9W7MDQSLcwQ5RLLVp_-DYvPKsxhSc_Bw2nTXt43JjBp91bHnhP2iV1hRjYWT9lJLjhmjYPn5PLY27zWrEg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC50
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECz6yFKdTIw1GP2ZNHO-3Xo&google_cver=1&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDgRxhpa1ffviDNApbY2mwZJHHZc8wsdXcob-AY4
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDgRxhpa1ffviDNApbY2mwZJHHZc8wsdXcob-AY4&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI3MjQ0MzU5MzgyNDczOTg4NTI%3D&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDg...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI3MjQ0MzU5MzgyNDczOTg4NTI%3D&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDgRxhpa1ffviDNApbY2mwZJHHZc8wsdXcob-AY4

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI3MjQ0MzU5MzgyNDczOTg4NTI%3D&google_push=AYg5qPIqKB7mzfFBCfOJVYO9ZOGYV1gs1SXfgvck6LABLadzBbsD3CfzpEcPDgRxhpa1ffviDNApbY2mwZJHHZc8wsdXcob-AY4
date: Fri, 10 Dec 2021 21:32:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DC50 0
12 B 15ms
15ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkDuJre8_at2xPtdNntX59Q7hhDiyRnaE1tfle8XzGewwV7MiOk-pQVZjCgVx6jBHdl8iR

Requested by

Host: bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
URL: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/ Show response
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame F86A
Redirect Chain

https://sender.clevernt.com/transporter/51316.php?ppuc=1&ppu=0&id=523132&ref=aHR0cHM6Ly9tLmtvb29yYS5jb20vZGVmYXVsdC5hc3B4&ruri=&r=451172593&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=nul...
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583

4 KB
934 B

228ms
218ms

Document
text/html

2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Requested by: Host: m.kooora.com
URL: https://m.kooora.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 603eb8587970fa17d1e9ae721512815cb7a7ca872c937d4a3409209f8d62d959

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-type: text/html
x-amz-id-2: vt22GUdtcidCrO5IhA+82J2UTyadNpLwUlNDsBS6fj1b8VcpQideGBAurDtzKBpga29yKELZAuY=
x-amz-request-id: M705YPQ0NRABW97D
last-modified: Tue, 07 Dec 2021 10:21:21 GMT
cf-cache-status: HIT
age: 1350
expires: Fri, 10 Dec 2021 22:02:37 GMT
cache-control: public, max-age=1800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6bb9963e8c7f4aaa-FRA
content-encoding: br

Redirect headers

server: nginx
date: Fri, 10 Dec 2021 21:32:37 GMT
content-type: text/html; charset=UTF-8
location: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Fri, 10 Dec 2021 21:32:37 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 click%253Fxai%253DAKAOjss2pIrm1rHKmrYPgsbEL6MBVcypDc49ht9fHMOWtrZs2TEjohO1j2l9LqYJdI5LjFtYHabfN7KoeTw4_iwZXDd7AvAHouBHWWtxLS5aqvxU3sZdCRs1Iz56WzLW_Th_MCNe_b2n8s5oLD2okFAvSRdPvO9eBfkBdVt4DW7YoyxM55r...
adclick.g.doubleclick.net/pcs/ 0
0 56ms
17ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjss2pIrm1rHKmrYPgsbEL6MBVcypDc49ht9fHMOWtrZs2TEjohO1j2l9LqYJdI5LjFtYHabfN7KoeTw4_iwZXDd7AvAHouBHWWtxLS5aqvxU3sZdCRs1Iz56WzLW_Th_MCNe_b2n8s5oLD2okFAvSRdPvO9eBfkBdVt4DW7YoyxM55retmyLzrH8JSpqt0Y-8H5Xjyq5hJWer7xPc-uhg7lLEtGw9dq_reHIBYEL9106L3N_5eX0EyltZV3OIhsyT21zofnxFx9tp2eExZa61Ea-RUTQVq62dyTXCu1e5QugGJQ%2526sig%253DCg0ArKJSzJ1M3awU9ipBEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 37EB 110 KB
38 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 15:45:49 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 37EB 60 KB
24 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame E64E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 20:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 20:14:10 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEF6 0
23 B 45ms
45ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttvdm9tWg47jyXXpxgXyWC41KumYusdE7XEAGlJ-TdAiqEkUw2Sc0tlZP7U_rZ7WGKFfh-UCYQKVhHXjC9nAYWC4je1OPykLKSpv45odOO3FDkZU8SLhQEhjmLScANHtvmrg_dt57lAwrRsu58fcvr2Gcu2P9LLWL0dU04wjcBbcyT3wB2aNJiPSMozrLC3LXwPWlhWN0ccmlTrr6xEkrk_SQZU-06ujapn7CWnoXsTKdc5UX0AIyQAwrs7dAAUI6IJ2LiovxUnPGLe05vde4l19ceIpBoZSbczIz9Gc5iICUeNPpGiFtlthN7cDBiEyG66du56N2gGWWKYo8yVj-tDBkbUpVNnBq3_FUr4SUs0d6zdwa7MTmhm6mlFPOZnR1TYtBKSI17l1qk0C24NJyKmWTYJV6Uywncd68-CeuHyoqD3D-lzFBxWQ9kDQQxQfeEBcyh9i57YWaiOEvcWs61jGgaSTootk7PHLXPO5AsMvWXYnBVRBnoVJ_VjaSJJLSD1uzYQALLGdSMaz4qXPlCIn6wa_oAYmS7UlGT5CTd4YtGDcDQk_dLD1FHzdzqUxqiyGtpP6ZuUGc6ZvnLLIL9iYkgQAiAwKXHvj4tTZs1YDQc9walws5cs18-5gvLL7LM7F4vsy0yyGsl6GC3cwrl-DY2hC1pKxs0UVnF_eRRfCjve9EZ92bFR8RGkoa3L6H0xJ68DN1eT0zwHw8bFlWagN7pLKJld02IGNpmbQjpuDHyWGkYOXTewS6ESRWd9wfCuhIT4KQOwH5l7KeZOYskpt3LhZEJCrIBQQJQnfbNp47qbz5tfG_eyaR4BWrD6symGAI0Tjy4VCz9uAkl9K1MJMFVurlgJ6IaK8Zi3aph5IvwbhzznUHyAiCCymieJ9xdgjQ9aP2-77tLyeRyteZKUT5jZR-I_TNa3hrSO1UZdvcjT5pB8Bb6Ow-S9W0_Go--UUIuzLewfX2sF3h2LdYvBGhtqeY1u_tOLXVHKliVaZiUbpVhd0ziNfG4WfjN_Dtvm_k-AEEjKypsUHYQp0BvuPCO0Nh4-esf0V1xFki5M7SgJjeRYYhY_C7MuHChzHnD5oV94t5zzGVFLNsq9ExiyjLaPhPO9CvJd-1TTxY5v2qeA97StW0BB3Wsypoo6s8vo2PhGPTDESCOiv3LVinvGlM0SjI0x-8hLU-miHTnmUzFgenkv1FJC0L1g26Rc1X138zwF9U0f69fHTQiMV9mAlTuR_cYpzV-_Dc&sai=AMfl-YR-n7MHaqJdKXxSVouRbPl6_hLi-GapxOaj1yQSzWbhcQwwijxnMCaEZKyKj-_GdUf-jjIN9tJEPTjr2kkEy7Stj_VveUYIq4xJZRTGPi0J0HsDy4LiXJ0hFh4S0eWq-05bx8LxAt9w4QQW1WOS8woP5FU9qg&sig=Cg0ArKJSzLpal6YFK32fEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=188&vt=11&dtpt=98&dett=3&cstd=84&cisv=r20211207.68197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: m.kooora.com
URL: https://m.kooora.com/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
82 B 22ms
22ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
server: Permutive
alt-svc: clear
content-length: 20
via: 1.1 google

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 37EB 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:20:33 GMT
x-content-type-options: nosniff
age: 724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Dec 2021 21:35:33 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 37EB 47 KB
47 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:18:44 GMT
x-content-type-options: nosniff
age: 833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Dec 2021 21:33:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 37EB 6 KB
4 KB 33ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5fc0685c28689b639d110fa4998ac34303f22f8d51544d64b10dbbb3c4e7694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4520
x-xss-protection: 0

GET
H3 200 60005582_20210907010550480_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 37EB 16 KB
16 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210907010550480_728x090_LOOK-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41fb5f60f3d09ffd9eed1c322178d2a5c2f0626f264388b591bffd54f257bbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 11:15:33 GMT
x-content-type-options: nosniff
age: 37024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15902
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 08:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 11:15:33 GMT

GET
H3 200 60005582_20210907011245328_STOERER_Wechselbonus.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 37EB 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210907011245328_STOERER_Wechselbonus.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7929d563a506ef64369932c67c5ee4e011fdbb044a40304127757ebecbffed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 11:20:51 GMT
x-content-type-options: nosniff
age: 36706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3656
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 08:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 11:20:51 GMT

GET
H3 200 60005582_20210803245841639_S21-Plus-5G_schwarz.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 37EB 47 KB
47 KB 9ms
9ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210803245841639_S21-Plus-5G_schwarz.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df0cf0caaa8d47cffffffc61be3219ad48a3683a3d240f2af97ee904c438735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6733025751471226880/728x090.html?e=69&leftOffset=0&topOffset=0&c=DTQf2IIKLF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 11:03:11 GMT
x-content-type-options: nosniff
age: 37766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48568
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 07:58:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 11:03:11 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 37EB 43 B
607 B 33ms
9ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_290978106_99447965_-0&ref=25124645_4307561_290978106_99447965_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 21:32:37 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 37EB 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame B5AF 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 20:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 20:14:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Kooora&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fbffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-E0xt5j9Bn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-odKx0GC5X%2FcYUw%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&pcode=choueirigroupheaderdfp445340272806&rx=451608890122&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1348.625&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&f=0&j=&t=1639171954446&de=541644405580&cu=1639171954446&m=3196&ar=180417bf1d6-clean&iw=52e9e05&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1348.625&lb=8048&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A430%3A430%3A1328%3A384&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=56&cd=0&ah=56&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Kooora&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196087&na=608315140&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E64E 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcXAFdcezYZ-UDt6O7_UP6bCmwAoAAAAAOAHgBAI&bg=!7e6l7qrNAAZKWFskSlg7ACkAdvg8WhOiVPBP5xg0oP2y3oix7gLQn55JG_4w0RDFOmSmht3cIPRyaAIAAACLUgAAABZoAQcKADhNhqTW2NRQUYBzoDKQmvMBPL8NtVhThzRhMrlOtunF8rFh2dhRoqdB_ca43aJZLsvV2hV-oUdhtJkDD4zV3lKeJmTwBTRjILl6_-fyQpJut7Mrqb2orxGPkElcya8YzK6s4NFHv4MRKsSjOLKmwEFSnECqzeofrmooEx8vbyZ1mRKTr3OB8WQuKIZfYLAV_hU5jILlLeDqmQOqzLLVuQ7C1adPtWbq4JFMr0A_YJvhbiSdvPqP28k859p4bCuy2oO7qNlsFia4eaG7kxgDkvmp_WJrn8mCnxQB-mOMAidtBCRyuwxXZaWwxqtTc-2L-Zr6STlMI5COEBgyXS8uMpkOHhf70sbafbnQLrQQ3XxbqX36tLS5MFmDiwrIloTG9wx5mi7bIX-yNz54HCJh_vA11FasPLp1eMRC-uQpEKRVMNCZmGCp95Gqhhg5uKdPMvr5FqwY8eZUAZexWYhuyDzNP3Sxm_UcgaF3IwOeO8Z55ctHunRF_qW0e1gKknnNMLw5fSa7OCU2L6U3T8IxWMhuCejaxSXTtR1_ZYqcIpapELrpFAzkP8uvlAzZ2C8ajc7dHueiGJl1ZPUjrL6R6KwgT0p2zJkkiHuq2v1In0FHuvlJIhdyfoBXRICMCrHpZbWwIie_8EY9aFMX_Kv8xdHaeqrE9W5Cw7ztSA09VG8wfY-hjoCMoOu941bSXvTrIxoq2aNOmISNhh6Z0brQiLyabRuh8iSnf8icV8RPcC4C_YI0mlGuH-HsaEnMRQnYPYJMWVL60ILHf0bu6WXvPGNXiLME0WqBZuo7elg5SXxBn05Ci7YF4WW_G5cBBfje9yuju16KIi5ljKm6asTd_yoAHWrFvd0EdLgYvkpB6TGrD4xA4geNj8Cntc9OEVH_Lz8HSZoVDo6tCG-EJYPF4CqRblZKaP87Jcnsst9c4Wd02BulrtYgUvyVziFIWokgRkr1tN-GNe2cpqNLCpudos-RohtANlRlF304ey6O8re5fUvllbV1ByY6xpuZEQgEgSMzMI6-KLeRda9qVCzAJdrhY-vpLB_PHky501-pvSpx9EvlG91r-dOqbzvwm4CQR14z5XvvvH5dXVgKRsxrk1HwA-Y6bRH3vkSkng

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame F86A 11 KB
2 KB 29ms
29ms Stylesheet
text/css 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58387ca9397ec3cb0e0d8e163e3aaf616b33db0a023c16b7824519a834ca6001

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 998
cf-polished: origSize=11955
last-modified: Thu, 02 Dec 2021 10:41:05 GMT
x-amz-request-id: WPDFGSRYTGCFDVQD
x-amz-id-2: GS3YwOAstVoTjdKxSQQU+OmuaZcy6VvXSnFV6M/C6gLchhpl7eT6SVDhpaNHKY2U3MG6VCW5DeQ=
cf-bgj: minify
server: cloudflare
etag: W/"0b1a0f0066ac8ef5a3b0a38c0858a9b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 6bb9963fff504aaa-FRA
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 1 KB
861 B 41ms
40ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=1
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Dec 2021 10:41:05 GMT
server: cloudflare
age: 995
etag: W/"3e9d1a10a1056de77db1bab72b55ef1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9963fff554aaa-FRA
x-amz-request-id: WPD9TFFZQSNB7PKW
x-amz-id-2: 6gqkYnR5IhP7rRj/j/hWfrgUn+RUJ0V5M1LWySEy77KQQ8G0bQYvl7uhAgg96EWcyIE61+ShPe8=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 997
etag: W/"89cc1efb4630095200908a2c0e01275c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9963fff654aaa-FRA
x-amz-request-id: 53ZHQQ8Y8B8FR54J
x-amz-id-2: U4jnoidPqxdZ/DZJvTowIQTcM9wciHqoICd9ubzomZx4ZGw61JogTievRbwxzVLKuetBl0VesNo=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 12 KB
4 KB 37ms
36ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 997
etag: W/"48521ed69677855391819664023f03a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9963fff674aaa-FRA
x-amz-request-id: 53ZW0KD667AQVSSX
x-amz-id-2: QHs+m8EQ7AfW+o+s6K2nHMgTD2Cb645/UzWzJQEeM62I3AD+/TXebO96BKa59UsWSr7UfSL6X/E=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 12 KB
4 KB 37ms
36ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 997
etag: W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9963fff684aaa-FRA
x-amz-request-id: 53ZYC4RPJQ99EGFA
x-amz-id-2: uYg9Z+0JbAOD3wMUDJcGVIvG+2cV1+PJLVCUqrE30U8zihDx8cqRKcTFNsvB7sQHxPM5NHhuyig=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 12 KB
4 KB 36ms
35ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 997
etag: W/"6a14ab0d467b44cc536dff1c855843d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9963fff6c4aaa-FRA
x-amz-request-id: 53ZMHM6YDFST7Q3A
x-amz-id-2: wYnd7zZnGhkAy7qwvJPlQKs6hLqA1rvuQgbuVGvIbNb6iXQ11rK/2vOM7psH+JeK7p4rSCym9Nk=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 copy2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 5 KB
2 KB 25ms
24ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Dec 2021 10:21:21 GMT
server: cloudflare
age: 997
etag: W/"beb4ce05eda61995a0eba82cbef0fb8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb996402fd54aaa-FRA
x-amz-request-id: 4HQF1JKBSH3XXYPB
x-amz-id-2: UYw5V0RBxC3oXTVRlpatgXssTS0UGCYtqerKs02Y0cZKIxpZKj8Ly2oSNRT7LjDdW8dhJZsdPKo=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 5 KB
2 KB 20ms
18ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 997
etag: W/"5dafc545e73be5464256dd78dc118a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9964038044aaa-FRA
x-amz-request-id: 53ZW307WP3GQQXW7
x-amz-id-2: tnpEo4nrFHgCMVJnydlE7d/mozt/5QiSUzFCbD7RjrNFNeRDiruVrZX6wl0eEEr8iU3/CNKKBqA=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 5 KB
2 KB 21ms
19ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 997
etag: W/"dc43a4e11b82fa41efb8bdc2acd73425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9964038074aaa-FRA
x-amz-request-id: 53ZY9QRXC6D564A7
x-amz-id-2: 9kD9ayG7LZcP+DMmbtkF5iiteo+c7J23ptU7Ed39G/ZXscHHn0TCFWXhQCNtK+c8bcBuRikRkeM=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 6 KB
2 KB 56ms
54ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Oct 2021 18:06:11 GMT
server: cloudflare
age: 997
etag: W/"9048820dc635dbe10d09725e919ba54f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb9964038094aaa-FRA
x-amz-request-id: V05J8RBK2TV4Y0WT
x-amz-id-2: suY/T9z7Bf6mMByvjUBKdUmx0aRb2sotOVgVAP6VynYbYy043PDlTCWFncE7Ca20N414yMKNIYk=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 3 KB
1 KB 30ms
28ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Nov 2021 20:51:10 GMT
server: cloudflare
age: 997
etag: W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb99640380b4aaa-FRA
x-amz-request-id: WNSW1EEPZPEBPWK3
x-amz-id-2: ZWh/D2/d9sqOzOaYf2ycQFg+tDjppQNuDiJSCks3EGIkW4Prsv0sRS0ytc6Qmj8HUe0l/RJQetc=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 12 KB
4 KB 29ms
28ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 1000
etag: W/"22316355cfe04cd150c2b810a54167a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb99640380c4aaa-FRA
x-amz-request-id: 53ZVGPFQXVFGSYKX
x-amz-id-2: IYHuYk9ZTN6HT6LKESfu+0adOeAxh9xsLfgtRs0FkLqLSh/5kNfCeVGOIEzpGbEtpGT+VIQw2xc=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 33 KB
6 KB 32ms
31ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 1000
etag: W/"19cfc2171558b226e44590caa30ac756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb99640482e4aaa-FRA
x-amz-request-id: 53ZV3NSW4PV1EH37
x-amz-id-2: Y07LfUqFKN+QRgj9IyF4bcit9AyqwjNEB83lTkkQcNGeJp+CWvW/L0zD+HdVww+b3HJKtZDThR4=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 33 KB
6 KB 30ms
30ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Oct 2021 09:56:20 GMT
server: cloudflare
age: 1000
etag: W/"a33282a0f66d9e18e14ed6c9fa761dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6bb99640584a4aaa-FRA
x-amz-request-id: X293ZEWYTW501KYZ
x-amz-id-2: 4iwingo8VWRQpMBxYl1BUGrWxNuC+Cmc4e43RwhIwr5UbeTHM3qqW4BWbG9aQeU5a/CMJktu4aA=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F86A 12 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 16:45:16 GMT
server: cloudflare
etag: W/"61b0e11c-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6bb99640584d4aaa-FRA
vary: Accept-Encoding
expires: Sun, 12 Dec 2021 21:32:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F86A 8 KB
723 B 36ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 20:34:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 21:32:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Dec 2021 21:32:37 GMT

GET
H2 200 320x320_15.gif
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 83 KB
84 KB 29ms
28ms Image
image/gif 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/320x320_15.gif?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 897a61f461e2da1c232ce838911e080848f1454071e4e1fea731055df1b03f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
cf-cache-status: HIT
age: 980
cf-polished: origSize=85875, status=webp_bigger
cf-ray: 6bb9964068814aaa-FRA
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
content-length: 85394
x-amz-id-2: omXSXXu0/Z9osdREeSJGOLVdbghQ+7ugSbBE7rsXebmIGwBuOQkWBkQeEpqjsG6YGXF4udAMgOc=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "b97a40ec85baebd06758c20639f491ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: B2Q0ZW7Q4TARGRMN
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: image/gif
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame F86A 44 KB
44 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 249483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 00:14:34 GMT

GET
H2 200 clever.de.min.js Show response
lp.cleverwebserver.com/bet365/js/ Frame F86A 9 KB
4 KB 28ms
28ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01062583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Dec 2021 16:52:24 GMT
server: cloudflare
age: 1003
etag: W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 6bb9964078a04aaa-FRA
x-amz-request-id: CHZJMNK5XTPQTJKS
x-amz-id-2: qB778O5uojSYkz4oCvhVyzgwEWoNVp3KIrvrlZoltnoVcneOBb0TIrvmTffbHF6uwP73rJCtkG0=
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H2 200 bg-pushdown_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame F86A 26 KB
26 KB 22ms
22ms Image
image/jpeg 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:32:37 GMT
cf-cache-status: HIT
age: 895
cf-polished: origSize=27972, status=webp_bigger
cf-ray: 6bb99640a8ff4aaa-FRA
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
content-length: 26182
x-amz-id-2: W+EiwTxEkItVARtL4/cDRBZdsIpfpI44aQdOpbLDuHWcNYVU9FKvWX2Dnal5mZBGcgk+dsrC0nc=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "badb98ee3ef98cf931012151d07083fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BPZ5VJQAKXVR3W2G
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 10 Dec 2021 22:02:37 GMT

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame D9DA 84 B
716 B 197ms
143ms Document
text/html 81.94.208.229
HLM2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01062583
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.94.208.229 Stoke-on-Trent, United Kingdom, ASN34587 (HLM2-AS, GB),
Reverse DNS
Software: /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
Date: Fri, 10 Dec 2021 21:32:37 GMT
Content-Length: 177

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82BA 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3p12ZiZTdUJdWGI6-YjhRriSD79PhiYHvWUB-vET9NVF1bYqONibZQjrwsUwr_6qiqOlTpxSzb1IYPlJQkkZPYmuO9m9gEfChlYMHubCifnEC3HYu&sig=Cg0ArKJSzPChpa4FJCpaEAE&id=lidar2&mcvt=1001&p=15,800,16,801&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1073378467&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639171957152&rpt=154&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
11ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-E0xt5j9Bn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-odKx0GC5X%2FcYUw%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&pcode=choueirigroupheaderdfp445340272806&rx=451608890122&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&wp=3&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=1200&w=1600&rm=1&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&f=0&j=&t=1639171954446&de=491352603042&cu=1639171954446&m=3942&ar=180417bf1d6-clean&iw=52e9e05&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8442&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A430%3A430%3A1328%3A384&as=1&ag=1185&an=43&gi=1&gf=1185&gg=43&ix=1185&ic=1185&ez=1&ck=1185&kw=1026&aj=1&pg=100&pf=100&cc=1&bw=1185&bx=43&ci=1185&jz=1026&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1026&cd=85&ah=1026&am=85&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4623254331%3A2947449358%3A5852634670%3A138374289852&cm=1&bo=223617791&bd=224594951&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=223617791&zMoatOrigSlicer2=224594951&zMoatDomain=kooora.com&zMoatSubdomain=m.kooora.com&dfp=0%2C1&la=224594951&zMoatSZ=1x1&zMoatPS=inskin%2Cjustpremium&zMoatBLOCK=true&zMoatMMV_MAX=slotNoSlotData&zMoatMData=1&zMoatMSafety=safe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatTPC=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&zMoatSTPC=-&zMoatPT=homepage&zMoatNative=-&zMoatSlotName=-&zMoatPlatform=web&zMoatAdSlot=Skinning&zMoatCURL=m.kooora.com%2Fdefault.aspx&zMoatDev=Desktop&hv=WALLPAPER_RELATIVE&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=Skinning&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=safe&tc=0&fs=196087&na=1295158202&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-E0xt5j9Bn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-odKx0GC5X%2FcYUw%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&pcode=choueirigroupheaderdfp445340272806&rx=451608890122&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&wp=3&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=1200&w=1600&rm=1&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&f=0&j=&t=1639171954446&de=491352603042&cu=1639171954446&m=3944&ar=180417bf1d6-clean&iw=52e9e05&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8442&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A430%3A430%3A1328%3A384&as=1&ag=1185&an=1185&gi=1&gf=1185&gg=1185&ix=1185&ic=1185&ez=1&ck=1185&kw=1026&aj=1&pg=100&pf=100&cc=1&bw=1185&bx=1185&ci=1185&jz=1026&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1026&cd=1026&ah=1026&am=1026&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4623254331%3A2947449358%3A5852634670%3A138374289852&cm=1&bo=223617791&bd=224594951&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=223617791&zMoatOrigSlicer2=224594951&zMoatDomain=kooora.com&zMoatSubdomain=m.kooora.com&dfp=0%2C1&la=224594951&zMoatSZ=1x1&zMoatPS=inskin%2Cjustpremium&zMoatBLOCK=true&zMoatMMV_MAX=slotNoSlotData&zMoatMData=1&zMoatMSafety=safe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatTPC=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&zMoatSTPC=-&zMoatPT=homepage&zMoatNative=-&zMoatSlotName=-&zMoatPlatform=web&zMoatAdSlot=Skinning&zMoatCURL=m.kooora.com%2Fdefault.aspx&zMoatDev=Desktop&hv=WALLPAPER_RELATIVE&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=Skinning&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=safe&tc=0&fs=196087&na=786391792&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-E0xt5j9Bn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-odKx0GC5X%2FcYUw%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&pcode=choueirigroupheaderdfp445340272806&rx=451608890122&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&wp=3&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=1200&w=1600&rm=1&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&f=0&j=&t=1639171954446&de=491352603042&cu=1639171954446&m=3947&ar=180417bf1d6-clean&iw=52e9e05&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8442&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A430%3A430%3A1328%3A384&as=1&ag=1185&an=1185&gi=1&gf=1185&gg=1185&ix=1185&ic=1185&ez=1&ck=1185&kw=1026&aj=1&pg=100&pf=100&cc=1&bw=1185&bx=1185&ci=1185&jz=1026&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1026&cd=1026&ah=1026&am=1026&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4623254331%3A2947449358%3A5852634670%3A138374289852&cm=1&bo=223617791&bd=224594951&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=223617791&zMoatOrigSlicer2=224594951&zMoatDomain=kooora.com&zMoatSubdomain=m.kooora.com&dfp=0%2C1&la=224594951&zMoatSZ=1x1&zMoatPS=inskin%2Cjustpremium&zMoatBLOCK=true&zMoatMMV_MAX=slotNoSlotData&zMoatMData=1&zMoatMSafety=safe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatTPC=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&zMoatSTPC=-&zMoatPT=homepage&zMoatNative=-&zMoatSlotName=-&zMoatPlatform=web&zMoatAdSlot=Skinning&zMoatCURL=m.kooora.com%2Fdefault.aspx&zMoatDev=Desktop&hv=WALLPAPER_RELATIVE&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=Skinning&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=safe&tc=0&fs=196087&na=1982777774&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:38 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
180 B 16ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 40e2f70ec778afbb6a908f4799508be81fd70f4e459ecc28d1ef4612f875c736

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 10 Dec 2021 21:32:38 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://m.kooora.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 112
via: 1.1 google

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
79 B 16ms
16ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=false&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.kooora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 21:32:39 GMT
content-encoding: gzip
server: Permutive
alt-svc: clear
content-length: 20
via: 1.1 google

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-E0xt5j9Bn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-odKx0GC5X%2FcYUw%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&pcode=choueirigroupheaderdfp445340272806&rx=451608890122&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&wp=3&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=1200&w=1600&rm=1&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fm.kooora.com%2Fdefault.aspx&id=1&ii=4&f=0&j=&t=1639171954446&de=491352603042&cu=1639171954446&m=7764&ar=180417bf1d6-clean&iw=52e9e05&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8442&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A430%3A430%3A1328%3A384&as=1&ag=5007&an=1185&gi=1&gf=5007&gg=1185&ix=5007&ic=5007&ez=1&ck=1185&kw=1026&aj=1&pg=100&pf=100&cc=1&bw=5007&bx=1185&ci=1185&jz=1026&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4848&cd=1026&ah=4848&am=1026&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4623254331%3A2947449358%3A5852634670%3A138374289852&cm=1&bo=223617791&bd=224594951&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=223617791&zMoatOrigSlicer2=224594951&zMoatDomain=kooora.com&zMoatSubdomain=m.kooora.com&dfp=0%2C1&la=224594951&zMoatSZ=1x1&zMoatPS=inskin%2Cjustpremium&zMoatBLOCK=true&zMoatMMV_MAX=slotNoSlotData&zMoatMData=1&zMoatMSafety=safe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatTPC=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&zMoatSTPC=-&zMoatPT=homepage&zMoatNative=-&zMoatSlotName=-&zMoatPlatform=web&zMoatAdSlot=Skinning&zMoatCURL=m.kooora.com%2Fdefault.aspx&zMoatDev=Desktop&hv=WALLPAPER_RELATIVE&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tz=Skinning&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=safe&tc=0&fs=196087&na=410521722&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.kooora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 21:32:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Dec 2021 21:32:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESECTuKtukgNGRJtbrE06xvtc&google_cver=1&google_push=AYg5qPIu6qZ6HdoyqY_Wj-W9fSUf8eF9rJ-ZkpWPncAG3yONMmX12YO5QGVX8e8uZqcYpzA6InIQNQ5CikxExaccqiOrnuOCRVFT

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
collector.effectivemeasure.net/beacon	1970-01-20 07:57:55	Name: c3 Value: 1
collector.effectivemeasure.net/beacon	1970-01-20 07:57:55	Name: gc Value: DE
collector.effectivemeasure.net/beacon	1970-01-20 07:57:55	Name: mb Value: 0
collector.effectivemeasure.net/beacon	1970-01-20 07:57:55	Name: dmp Value: 1639171955118
m.kooora.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fydvuulbgwtikagujvvpbbys
m.kooora.com/	1970-01-20 00:04:10	Name: svx1 Value: 0
m.kooora.com/	1970-01-20 08:05:07	Name: kookie Value: 71e654b5-0027-43f8-9b83-6e262ef8af72
m.kooora.com/	1970-01-20 08:05:07	Name: kookie2 Value: 71e654b5-0027-43f8-9b83-6e262ef8af72
.kooora.com/	1970-01-20 16:50:43	Name: _ga Value: GA1.2.225748511.1639171955
.kooora.com/	1970-01-19 23:20:58	Name: _gid Value: GA1.2.2083437344.1639171955
m.kooora.com/	1970-01-19 23:29:36	Name: scountry Value: de
.kooora.com/	1970-01-19 23:19:33	Name: __cf_bm Value: LS7fE3H2ryoQajcgZyeKgicp8q_wFAjZo8I8E3mxbX8-1639171954-0-AX6Owv2OD460mEIA//oT/jH7WYUv8Tx+sDHIaBEf7Btgf58dDvFCjvyucT+ZkQvll1/noWHcmUFtW7VvHo/Lg64r15njmvk4BT/2rbxQrwBu9Mqf9INheePv0wVbAYc5tA==
.kooora.com/	1970-01-20 01:29:07	Name: _fbp Value: fb.1.1639171954907.1348389583
.kooora.com/	1970-01-19 23:19:32	Name: _gat Value: 1
.kooora.com/	1970-01-20 16:50:43	Name: cognativexpixel Value: cfcbb156-16ef-4fe6-aadf-1c58ce5ea1d9
.kooora.com/	1970-01-19 23:19:33	Name: cognativexusersession Value: {%22sid%22:1%2C%22surl%22:%22https://m.kooora.com/default.aspx%22%2C%22sref%22:%22%22%2C%22sts%22:1639171954960%2C%22slts%22:1639171954960}
.kooora.com/	1970-01-20 16:50:43	Name: cognativexvisitorinfo Value: {%22createdTs%22:1639171954960%2C%22session_count%22:1%2C%22last_session_ts%22:1639171954960}
collector.effectivemeasure.net/	1970-01-20 07:57:55	Name: vt Value: ad787200-ba79-4f9d-8d99-a9bd1a0c0b67-17da6431907-e68020be
.kooora.com/	1970-01-20 07:57:55	Name: _em_vt Value: ad787200-ba79-4f9d-8d99-a9bd1a0c0b67-17da6431907-e68020be
.kooora.com/	1970-01-19 23:19:33	Name: _em_c3 Value: 1
.kooora.com/	1970-01-19 23:19:33	Name: _em_vi Value: 6ee1ef02-9217-4bf2-9c82-e0890493000b-17da6431920-4dbcf0da
.kooora.com/	1970-01-19 23:19:33	Name: _em_lt Value: 1639171954976
.kooora.com/	1970-01-19 23:19:33	Name: _em_ft Value: 1639171954976
.kooora.com/	1970-01-19 23:19:33	Name: _em_pc Value: 1
.kooora.com/	1970-01-21 01:37:46	Name: permutive-id Value: ca1ca27a-0f57-4b8b-8b28-07efcfdb0180
.kooora.com/	1970-01-21 01:37:46	Name: permutive-session Value: %7B%22session_id%22%3A%2226e8d477-dc8d-4a3c-8f3d-eb6ea8b4d097%22%2C%22last_updated%22%3A%222021-12-10T21%3A32%3A35.064Z%22%7D
.kooora.com/	1970-01-20 07:57:55	Name: _em_gc Value: DE
.kooora.com/	1970-01-20 07:57:55	Name: _em_mb Value: 0
.f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/	1970-01-20 01:29:07	Name: pxid Value: c9e6bfa4-ff29-4311-b4f3-4c804c9beb14
.kooora.com/	1970-01-20 07:57:55	Name: _em_dmp Value: 1639171955118
.kooora.com/	1970-01-20 08:48:19	Name: __gfp_64b Value: sNLK9jTETJm26wAioIq.l4a_xdPm4EeN1miWH8tZ2pP.l7\|1639171954
.doubleclick.net/	1970-01-20 08:41:07	Name: IDE Value: AHWqTUmmQkpoWhp2oCWMItj0Q0f1LA1IUtLnPGH4mFThzb5pVQ-D0xX8dNyh1JwDkSw
.adsrvr.org/	1970-01-20 08:05:07	Name: TDID Value: 110c7e2e-17ef-40d8-90fc-ea169ae75ac5
.adsrvr.org/	1970-01-20 08:05:07	Name: TDCPM Value: CAEYBSABKAIyCwie1JWB6oueOhAFOAE.
.kooora.com/	1970-01-19 23:19:33	Name: _em_scf Value: []
.hit.gemius.pl/	1970-01-20 08:48:19	Name: Gdyn Value: KlQuZMGGQMGGIEZoxULwkniissGMXP8c25nSG69yQrXmgZMiGsRW0mlGvGQpxRg8SLL8RLcGsy8Pge9oaQG.
.hit.gemius.pl/	1970-01-20 00:02:43	Name: grtb_dbcm Value: 1
.tagger.opecloud.com/	1970-01-20 08:05:07	Name: ope_uid Value: 2-HPoMB3uEMMkQS3Gw6Q08X2QzG4VH3tJU4ADi+yu45Ea7Sspk11bUGxVpoLyRGsJlwu3gvA==
.mookie1.com/	1970-01-20 08:48:19	Name: id Value: 10814620450244705005
.mookie1.com/	1970-01-20 08:48:19	Name: mdata Value: 1\|10814620450244705005\|1639171956493
.mookie1.com/	1970-01-20 08:48:19	Name: ov Value: 52cdd45b4c0812089e5cd73cde9c4cea
.kooora.com/	1970-01-20 08:41:07	Name: __gads Value: ID=c7b6918e69f26e1c:T=1639171956:S=ALNI_MYLAv85lpYPObj49XlWjJXYIf7kIg
.adnxs.com/	1970-01-20 01:29:07	Name: uuid2 Value: 3019669619004977341
.casalemedia.com/	1970-01-20 01:29:07	Name: CMPS Value: 5205
.adnxs.com/	1970-01-20 01:29:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilgrd'7<!]tbPl1M>e)ZlrFUfJ+tGXxoD8et/?Yn-sw:GO.iX5F0(M'!u6Q<:e[tAawU%nugO%v4VB%nmhv*#eOi
.casalemedia.com/	1970-01-20 08:05:07	Name: CMID Value: YbPHdf-1RgdGgbS263nxDwAA
.casalemedia.com/	1970-01-20 01:29:07	Name: CMPRO Value: 1171
.casalemedia.com/	1970-01-19 23:20:58	Name: CMST Value: YbPHdWGzx3UA
.w55c.net/	1970-01-20 08:49:46	Name: wfivefivec Value: YILyki3X1MVNvn5
.adfarm1.adition.com/	1970-01-20 01:29:07	Name: UserID1 Value: 7040189947849406607
.adform.net/	1970-01-20 00:04:10	Name: C Value: 1
.w55c.net/	1970-01-20 00:02:43	Name: matchgoogle Value: 5
.casalemedia.com/	1970-01-20 08:05:07	Name: CMRUM3 Value: 2d61b3c7752760CAESELnNFKyN2Bd3kDj38nWpGZQ
m.kooora.com/	1970-01-20 00:02:43	Name: clever-last-tracker-51316 Value: 1
.adform.net/	1970-01-20 00:45:55	Name: uid Value: 8701981602606092208
.3lift.com/	1970-01-20 01:29:07	Name: tluid Value: 12724435938247398852
.blismedia.com/	1970-01-20 08:05:11	Name: b Value: 61B3C775D692F1EDAED4A490BLIS
.ctnsnet.com/	1970-01-20 08:05:07	Name: cid_b52ef723a0064187a3e29251155e56fb Value: 1
.yahoo.com/	1970-01-20 08:05:29	Name: A3 Value: d=AQABBHXHs2ECEEW25UNQ5ufD7f5A-q7gN98FEgEBAQEYtWG9YQAAAAAA_SMAAA&S=AQAAAhFzETRjvmd91r92TUcfT0c
.o2online.de/	1970-01-19 23:29:36	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_290978106_99447965_-0&ref=25124645_4307561_290978106_99447965_-0
.everesttech.net/	1970-01-20 08:05:07	Name: everest_g_v2 Value: g_surferid~YbPHdQAK8rHJqwAz
.bet365.de/	1970-01-20 00:24:19	Name: Affiliates Value: Code=365_01062583%2f116177544893&prd=Sports
members.bet365.de/	1969-12-31 23:59:59	Name: session Value: processform=0
.bet365.de/	1969-12-31 23:59:59	Name: pstk Value: 6C0DA364B04F341D8EBB0A1D3A0CE98C000003

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://o.kooora.com/jquery-3.5.1.min.js(Line 1) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adclick.g.doubleclick.net
adservice.google.com
adservice.google.de
ae-gmtdmp.mookie1.com
api.permutive.com
bffa8e55484b9c21e69666fe8a4c4be2.safeframe.googlesyndication.com
c.evidon.com
c1.adform.net
cdn.permutive.com
cm.g.doubleclick.net
collector.effectivemeasure.net
connect.facebook.net
detect-survey.effectivemeasure.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co
fonts.googleapis.com
fonts.gstatic.com
gaae.hit.gemius.pl
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
img.kooora.com
kooora.cognativex.com
ktv.kooora.ws
l.evidon.com
lp.cleverwebserver.com
ls.hit.gemius.pl
m.kooora.com
match.adsrvr.org
mb.moatads.com
members.bet365.de
o.kooora.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
px.moatads.com
s0.2mdn.net
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
sender.clevernt.com
static.cloudflareinsights.com
static.cognativex.com
stats.g.doubleclick.net
striveme.com
survey.effectivemeasure.net
sync-tm.everesttech.net
t1.effectivemeasure.net
tagger.opecloud.com
tpc.googlesyndication.com
tr.blismedia.com
v2-ui.cleverwebserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
google2waycm.netmng.com
104.111.244.187
104.18.8.101
104.18.9.101
104.19.149.54
13.248.245.213
13.35.253.73
142.250.181.226
142.250.185.194
146.59.30.96
148.69.64.76
151.101.66.49
18.185.171.80
185.33.220.216
188.68.250.238
2.18.234.21
2.18.235.40
2600:9000:206f:7e00:1f:612c:5a80:93a1
2606:4700:20::ac43:4487
2606:4700:20::ac43:4901
2606:4700::6810:5f41
2606:4700::6812:16fb
2606:4700::6812:19f6
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2006
2a00:1450:400c:c06::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:f9a2:1d20:7db2:a370
3.64.158.25
34.107.254.252
34.96.105.8
35.186.193.173
35.186.238.175
35.241.9.51
37.157.4.39
52.1.153.66
52.208.32.237
52.223.40.198
54.161.40.243
54.229.158.181
69.173.144.165
81.94.208.229
82.113.101.132
85.114.159.93
00bb761953644ab63c368b233f162b98e3441223897b35d23bc803e8048a08b8
013a122c7839f7d75e116bc0dc041b77af02f1f75d6eb299cb47c1155dde8565
015f2154b4f8add8ddf1909d69d1ef40b5dcd400f6a84311f561fdfa7ef63c84
05eea0ee05b5e72cee07437ed8d3ca617018bb34918176f47120b9d2241b5f56
09d6d37f17cc1587c2955d80f3c6fe66d4f2c786cd6f3a73f70955fdf73d127c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d22eccd1930f4182b9538555103fa332f1ce56afb0531f07377969470fc1c57
0ea0502231c3a134cc21090a3f9b131fd3d7e3bc2628caf62974307ed990ab03
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ff8f0927856eb647b3d9a8984d49354e4fe12c28e001fa3bd58212003644f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13df9d9a6608597b2be359fc363846eea838ad93d8f91ade2856bf415760b338
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80
1683735a30551a92a925fdc9617d9fb943eb9d7946a6ea6a82f46d36aa1372dd
18396ba08d5e73bfcb155d503f9792d65377dd9233b43858d3d57099396259b6
1917c3076ef0d8345adecdb731cf891e71b907654f77a41f04e55225ffa3094a
1b00b1bfc13107699852b352569a8aa7a277a3a30ef9660bd085baa7a2f1cbec
1eed70330e5c125cf9ab74ddd405b034c692ba6fc738082662bf0135ec4842b8
2576495a051014f4266d58af681327bbf5834626950a5981a62f336aebaef659
271d5cca1017e13cecf9cdb870d1ce2c01c9fe0385c6a5411e43de77d2706cb7
28cd77f1998ccbb4b9803529b9d9c82bdcb0b5955958af87e3231ec3640a1e44
2c1f9b0cb7ebe8cf14f7ef5b6eb055c9da0f473942ca0af28c73da59cf4166f6
2c69e46e5a864667e590268d62982120844a496f5c48394e826289e284927332
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2e2fcaef47a7dbca0213d95282596f1eb8ba19e282b2d0ec7b34fbf8e3a518fa
2e72363c7af8c7621ea920de2a2051ad2ea7b5bcd4c6a943ea9a3149c24b60e0
2f07d434d18dde705e4d229e082df2ba67389e7b957c67ac9f7431903530cad8
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34fe0f84656b496b91cfe919e6f8460e9731b2a4ad163f1e278f8b7af60a8536
35aed295c84a383c6a3707464621aaf638c80b22f18fcb0f5ac69b9579e11606
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5
3e2386b9b4219a296eeb86a5cc9b38686b5297e0eaedc002f43bf15cca47c389
40dedae70490ed1a5bafc9193040cd6020256dbcc92740843ada451c89bba95c
40e2f70ec778afbb6a908f4799508be81fd70f4e459ecc28d1ef4612f875c736
411fcbcc2226f768fece00eee0f2f68813fccec19b77a21e6c257d747a430e09
41fb5f60f3d09ffd9eed1c322178d2a5c2f0626f264388b591bffd54f257bbcb
438c9d3c2003c03f0c8a5414323b96061d09f6feb5ad1fccf0bbf04f88628e20
438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442a6413460d62f9a1dfc49104791af603a3a40abd296f7783b147b57d106cfd
44ae51f7571bab9061d6b5076324e606550e8262b50dbf965ff1aaa50f435e62
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
46c35fd853d67a12a2baff52c8880a9c64d1c7584cbc7fdc2647c1b0c4de7eec
48995f4d2076f91fbe22f2748c20d3101213adee5e0bc7345010a1b7ff55ed70
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b566e742881896faf57be8e03785b8bc41c34ce6e496e28dbb067fa8bccce0a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb514fa778de13246a4256f79bc8e4fd8a92c83c64ece4071543c2d85694e15
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc8d2b565ff091beec72fb611754ca213d29256cf2cd897a41e67861d5911be
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512b69dcc4b7ce2511220a14b3bfa835e772d5837ec68af4965ab6dc8423e06d
51530e1f054c6532f5752528576e641b0a1df55f734a386c5fa3eb150dc0d98a
537d56f063d42e0085dc1c65dbaade0f3a5aa6ddca9ad63737f3920989777878
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
547e685a67e7ba0141eb68e037b5d6554e9263103c183448737de90e2a3cbda3
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3
5556c9d3ed8ddf883df866105d1c9a09931532cdbb4e9b9dfcbc455aead7bc4c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0
5795d648e5c8930d4a1caa635d9db2bdfb502b73347c355aadefe11602f8f6d9
57c05ed054c7020638702409fc407168645e68ddd1b42a2e5f7304746ed2f39e
58387ca9397ec3cb0e0d8e163e3aaf616b33db0a023c16b7824519a834ca6001
5acae25fbb6e948494ec637e76f30a75944d71d84f218211e9132cc1db56282a
5b952b3eca9ed4c65623a444e555514a8f7d7f94edb8aa6d7f0656fe4dde40c0
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
603eb8587970fa17d1e9ae721512815cb7a7ca872c937d4a3409209f8d62d959
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627d6c92f040deebff6b55ac012b236674e5decf2e032f435c6fbd717af108da
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
64ad7ef5b85d7ec6ceae5b36eb7877492cabee217312cd4a41335bf9773e7039
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
6728dfd11a3888af716fc08a49897f4b56514ecb3a8a053eab560996750ec9d9
67c18a2f6066397830a4d55dbaf6643233125679100320c4eaa8b23b6ae36603
6a1c1e2aa52fd281652a8487009d77c025eba254a54e6b7e46dae74be22eeac3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
737c272ee31ce3176d4a2509754da320bba871c9c14ba4b4ef73e6dd3ba31979
74254351bbbffcee8dbcbe8d9d0cd785aa39f1df7619ac6d1383b51ff0fd54aa
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df
7658faa4324e27c7a5d18fed211be1bd4810ee2b0dd24c6e4d3fc154695793ea
76fa41999823d6407034456f61eb86b60fda33ee5d02d3d518c656930db6d74f
7929d563a506ef64369932c67c5ee4e011fdbb044a40304127757ebecbffed55
7b196ea8285409b1635667440b878cc9f30ae3e4b5ae01f8e172577f4664f709
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
7c32d05406ef1ca566680dbb93749fca5f208d9ac6259f13d887490c6d5b2277
7dc6b49c4e75071949a8ffea55c79ff40bbfb38a6715c69fc0c6f24df0bf03e7
7df0cf0caaa8d47cffffffc61be3219ad48a3683a3d240f2af97ee904c438735
7eb1552a582c0f5ac5b3b39dc87e875d06e57ccd882947afecaa199e5c7f95f8
7f7dd8f67badcc144df008dfc621f0ead7d36272df3069b7693ce93d6409e236
813369da4a38e4fd0b8c5f4a50134f5bbfa467145f8635213c639f26c8ddd16b
826e453d4035015db88f9ce9989ffc86b9d31a68c2001fc7a0c16623dd2e9573
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b42eeef83a661cb1425a83a39f0b7d70ee4aeb203571e3b8dc5b4f8241aaae
84cb6087d92e5b741b0e7205700bf73268d322f87a1c8c4efc607bdde4bc4ad2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36
85d7ce99c10a78e8b4efa1d58b4045b9333c6a3fee2e6285a1d0fc1f02487773
868f295c498e0072674cee17a091a53c4b34bd3dde1e01e8199a5b172bc49ded
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
886ee5cb817f28aa1b0fc7a74fb68e1b9faa01da73a269eff1d0d2b655033168
887c8a17ad5826d0ec01041178bbce07b5d9a23a5ecd7dea317d6ce3799025cd
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
897a61f461e2da1c232ce838911e080848f1454071e4e1fea731055df1b03f86
8a134947aa208d1b617de8ed49acd89ec1f9d648668827b0d8f7406310279def
8b6d61df978b94d1e037ed852d9d884131ea33a447b201f0d5595ce64a7716c8
8c1f19c443a7857020dae79c3dd93c080b171aa195764edac955e2874ca9ee27
8cc0abab8d68ea86aebf5b06f0eec7e462beca04228de9206cc1a8853a2708b0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90e96b8ddeddfd57732f5a8da1654a24c24e10692703d3cbaa203ba9164b1c0f
9487510c4ac595f55eb9df4705241a1edaceb92201b421e15e6056105de1a918
95be3318d30d9a461e9cd5f20add883f030ddd8dc49dccdab456c2be5650140e
97c3a778394344f831e075ac9f1414f6d86628d77dca76c6caea59dcf6fa3a10
98162587fefcb5b9e6fdc097d5098cf7a1238a0522d875789a33a21fbc3960f0
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869
99453f14bce468436879a9c70494e0a1965769f68d41d51848e6d91f324e6268
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b88ca73616fe13e69a7dde9864abd56f21fae525024d7f603584e60517ee22e
9bd5a96b3bf2da045675079d1b905ede92d51b9bb502cdaad51640ca784544e8
9c5095db3c914b620bf19dd83c2cb80b6c5ff0fc86115aae33184d369bc4b9dd
9d208b79509407b4229335c39b03f762ce45aff43b68cefee0344b706f65a04f
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a43739be134268837d1a509a7b6c34a79d061417ddc87b99c8cc73bc6796bd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a2c0fddf8db37a360dfa9dbc4d50f6e733318b408354eabfa5000a9c84dcbbe6
a2f75d1620f82477cb2c241eda6f527f531ed6c57fbd60317ca811f69f3e9ceb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b8d41caf72b504b1613e841aec9f50f639afc7b6afd44e454dab0b74399ce2
a5fc0685c28689b639d110fa4998ac34303f22f8d51544d64b10dbbb3c4e7694
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73b1497a430021c5e5278986284162f980b5c7126a240618694ad6c70ef39e4
a7bf159df754b42dec8b00f78199a3b8eef5c02b804a40e664f6e5ebfadb6baa
a86adfc2d049ba63e1a2779a368902ff1861d59f80f9381637e1e56fec3f1e55
a90780df9a27b81c47ca2d3d8e87af6099b16997d01601ecaa2a92a7c44dc342
a9e9ce0f2fe232bf31c9f446a35568c225e8027eee116261a16fdc33170641cb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae9a441b0dc78249de9f233b561d44b8887bdb4dc97631e3cc64ed12272844d1
aee02a3191810a0f19abf2a16e59fe6ca498dcddddbe7ee689c2be0d45e28a83
af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363
b097f8e4d32d148b9b3e42e3ac568b4edde95cb3de99f44346f51469d618979a
b134f0aac23e8a216bea83b21173b25934c61d4dca922ad561b5bb5d63e358ce
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22967a462d6c2e92676c0fb62e5c9a111dbde1a7b7e13643d52681e521c8d8e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2e04cfc57b95d02a1b92790f5e6f5b2cb22aea26ae95815149fb181d2325928
b3c14b6a4d44a7fbd89db303bd87273ab41e9a4e59d6da6248fe8e88203a5e4b
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b54a8886d9f985ab5660c3881cb9808f22a18751888e67670104ea08cb691028
b7d4ce51581ac5510239e857ad0fb63dcbe0f674d2d64fde2e0ec6c45ed7d8a0
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bc9399a1d9cf60902f99fc281b1f891001e088e5da2a9eabd80b989a693f0bd2
bdcc02027cf7170a9149086ba1f401cd7ec5582383891bb3d021c31c3769b7a7
be66f2a7e95a29627f762c8b1c399a8a19f1b502f9dd31e5d5b7a9d56129acc9
c108ad144449d35757fb7b4815facc7a3e88895bea6a4844d7051b1766be213f
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1e11ee4f638dd46d8abba52ee6780b980df1a6c98fb85cc5a85d79968648068
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4a7c200ea7f982f63b0dc34f9de8210887e702701279c1bb27c7f1ced930fee
c7333825d97e65bd8b6c312d53204967fe922cfdbfe800e1df91aefa1181d797
c7bbbc578682b551e04f72c16ac8f09fcf1546b526ac807da31a94b7dff57b63
c804a87a8ade10d10b47f130305c38a4d5086bbf6e2200c6340cb53f7fd6bd51
ca724b62c978e49a2f0a167baa85bc0aaa04429b1ca9d188b669699c8c65ecf3
cad23c63c500d428b4a3c0f9d23109d1021f7218867f313802ffbc2cb0104275
cc43b5bf93cd3ce4ff97572e985d4218bc87099ca17111badf92b52e7c540a4c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406
cf16a55522058188dadd392a0905adfef8245106b7fce43132af9690aff1b65c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d21ca89aa77c6d673f2f2ff7bd075f4c95ac8d6d34dd368739fa87956904d588
d25f5406aa06cd237403d5cd9da189aa8a12a4877667e118905617210d3eb45f
d7cd54a0769592ecfc8cb8b587968ba6d9492df16965c0d2a2972df88f6741c5
d8f8cec87c995b98cccf83861331c956248461cd133f529629ee685c06dd82cb
d90089c8fc8f0daacb8b0a1e616b8f546eac289f26bd63a59eec8e554a9427a8
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dce539a0c31f48ae62714b74b82d08d27555ae0d5380147923b3cda74d50ece9
de15d11d0b75d896720b1a6a915527c51593b216710031be397efe2a80553696
de3b7e01aea0bd98d6d26ecf3123bf335692cb50664dd50031783d2adcc5841a
deb9ddcde77a5217a5cb455fb4e4138b66236e751f5a6bba374ed0032b8864cc
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470
e05fa24cbfd2c2cb678c04f95358e36c93abf672dbd2d0a346a604eb0310e19a
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e88521502d9cfe219a16acebc1a3fda2eca6544b7337901e6a22aeaabf3150c6
eb6823022ab5173c6429958e22aa359f383b50a2b08eaf1722c45468534870fc
ebcc84cb54d0f9bd1fefa967f7d0849bf0eab06e40cbf6ea2a04870ce4971d53
ed535518527eb0e95f88a5506ff3a2f0d6202ae5805f2e4b91a659a793413bf0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbd250e25ad97b508352818ddeb07cbb64bdd6cc38872ac85b24b8c3da15b59
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f24fa2d58180c44d78dc768b8cbecd0da264adf6bef9611b7c2b2cb93d12aee0
f3573b2e94941769c1a150bd10c4997268c3a9011f5f0a07e9c840dd5d5257cd
f454ff8f488843de39c46cc878b0df9eff6d61090c62e43b1d09aef0e48c8c8d
f45530ee93fe1451632f4c4da09ff7b9dcbbe6a64f2ae824c058c78fababd34c
f4af97b73cce56b4e1b2ef060fd79172372bd274c95cea97be3a351cffa8fbee
f4b474ac791a8d6bfa3202df5c799386069f7692bc555341bc2b97ca7f62a09b
f7f57ec5443d426fffe6ed09259a322132ced497e3b0418f49ba346f286cbdc6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b
f8b7e7da391617d667319a9234d029f8b811347f3b15f6cca097ab2048dd09f0
f9a36d1d0744eb1e248117b7514eae76f7082654ee3707ecbfebe645ab3b7740
fc040d616a89acc59a2ec1ff5b60ecb02891ad55a71e57ecd4e9e2b14d7c040b
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
fe52246a5c5f962f30bd3fb70bf885eb689f366567d21d9be1407923ef4a5599
ff24c1186799f34e1ae4507f08c3b0f9c0934dba05efec8f90fa7394a6342e3f
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

m.kooora.com Open in urlscan Pro 104.18.8.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

284 Requests

92 %HTTPS

44 %IPv6

42 Domains

66 Subdomains

50 IPs

11 Countries

3087 kBTransfer

10383 kBSize

64 Cookies

24 Outgoing links

Redirected requests

284 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.kooora.com Open in urlscan Pro
104.18.8.101 Public Scan

Screenshot
Live screenshot

Full Image

284
Requests

92 %
HTTPS

44 %
IPv6

42
Domains

66
Subdomains

50
IPs

11
Countries

3087 kB
Transfer

10383 kB
Size

64
Cookies

284 HTTP transactions
5 data transactions