urlscan.io logo urlscan.io
SecurityTrails logo

www.kooora.com Open in urlscan Pro
104.18.8.101  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.kooora.com/
Submission: On August 17 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 11 countries across 129 domains to perform 569 HTTP transactions. The main IP is 104.18.8.101, located in and belongs to CLOUDFLARENET, US. The main domain is www.kooora.com. The Cisco Umbrella rank of the primary domain is 172622.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2023. Valid for: a year.
This is the only time www.kooora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.18.8.101 13335 (CLOUDFLAR...)
3 23.41.169.149 16625 (AKAMAI-AS)
1 18.164.124.111 16509 (AMAZON-02)
98 23.33.40.208 20940 (AKAMAI-ASN1)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 104.16.57.101 13335 (CLOUDFLAR...)
1 141.148.8.2 31898 (ORACLE-BM...)
1 3.160.5.98 16509 (AMAZON-02)
1 54.146.222.254 14618 (AMAZON-AES)
6 34.110.181.170 396982 (GOOGLE-CL...)
2 104.19.149.54 13335 (CLOUDFLAR...)
2 3.11.50.69 16509 (AMAZON-02)
4 31.13.71.7 32934 (FACEBOOK)
2 4 108.139.47.33 16509 (AMAZON-02)
4 172.217.13.174 15169 (GOOGLE)
2 142.250.64.72 15169 (GOOGLE)
1 3 192.184.68.215 14618 (AMAZON-AES)
1 1 104.26.8.50 13335 (CLOUDFLAR...)
1 104.26.6.139 13335 (CLOUDFLAR...)
19 172.217.13.162 15169 (GOOGLE)
2 104.18.4.165 13335 (CLOUDFLAR...)
1 156.146.36.24 60068 (CDN77 ^_^)
14 34.107.254.252 396982 (GOOGLE-CL...)
2 192.229.163.25 15133 (EDGECAST)
2 104.18.23.251 13335 (CLOUDFLAR...)
1 18.238.4.65 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
8 13 68.67.160.186 29990 (ASN-APPNEX)
2 18.238.8.230 16509 (AMAZON-02)
1 151.101.65.229 54113 (FASTLY)
1 108.156.180.227 16509 (AMAZON-02)
1 172.67.75.241 13335 (CLOUDFLAR...)
1 3.160.5.85 16509 (AMAZON-02)
6 3.230.217.116 14618 (AMAZON-AES)
1 35.211.124.105 15169 (GOOGLE)
1 3.211.37.116 14618 (AMAZON-AES)
2 4 104.18.24.185 13335 (CLOUDFLAR...)
1 74.119.119.129 19750 (AS-CRITEO)
5 8.43.72.41 26667 (RUBICONPR...)
1 104.18.2.114 13335 (CLOUDFLAR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 18.238.25.42 16509 (AMAZON-02)
1 23.53.174.85 20940 (AKAMAI-ASN1)
1 104.22.52.86 13335 (CLOUDFLAR...)
3 31.13.71.36 32934 (FACEBOOK)
1 172.253.63.155 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
2 104.26.2.70 13335 (CLOUDFLAR...)
2 142.251.41.6 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
6 172.217.13.100 15169 (GOOGLE)
1 172.217.13.163 15169 (GOOGLE)
2 18 52.46.128.147 16509 (AMAZON-02)
1 104.18.22.145 13335 (CLOUDFLAR...)
5 142.250.65.225 15169 (GOOGLE)
9 12 162.19.138.120 16276 (OVH)
26 216.239.34.21 15169 (GOOGLE)
15 54 172.217.13.98 15169 (GOOGLE)
9 11 3.33.220.150 16509 (AMAZON-02)
2 2 3.160.5.11 16509 (AMAZON-02)
5 172.217.13.193 15169 (GOOGLE)
25 172.217.13.97 15169 (GOOGLE)
1 2 54.88.169.209 14618 (AMAZON-AES)
2 74.119.119.131 19750 (AS-CRITEO)
4 4 23.105.12.171 30633 (LEASEWEB-...)
1 1 20.127.253.7 8075 (MICROSOFT...)
4 23.196.184.208 16625 (AKAMAI-AS)
6 96.17.65.140 16625 (AKAMAI-AS)
3 6 198.148.27.131 19189 (PULSEPOINT)
1 1 63.251.86.49 10913 (INTERNAP-BLK)
1 7 63.251.86.51 32475 (SINGLEHOP...)
3 4 35.71.139.29 16509 (AMAZON-02)
1 3.160.5.39 16509 (AMAZON-02)
1 34.160.111.29 396982 (GOOGLE-CL...)
3 19 104.18.25.185 13335 (CLOUDFLAR...)
3 3 173.231.178.77 32475 (SINGLEHOP...)
2 2 35.214.143.138 ()
8 8 54.158.193.202 14618 (AMAZON-AES)
10 172.217.13.194 15169 (GOOGLE)
36 142.250.72.98 15169 (GOOGLE)
2 54.204.52.200 14618 (AMAZON-AES)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
2 2 8.43.72.97 26667 (RUBICONPR...)
13 14 35.211.178.172 19527 (GOOGLE-2)
1 1 51.222.105.60 16276 (OVH)
1 1 18.205.99.4 14618 (AMAZON-AES)
1 18 52.207.45.55 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
3 4 64.202.112.159 22075 (AS-OUTBRAIN)
2 2 82.145.213.8 39832 (NO-OPERA)
4 6 34.98.64.218 396982 (GOOGLE-CL...)
2 2 52.45.151.151 ()
2 4 34.206.18.162 14618 (AMAZON-AES)
2 2 52.205.57.26 14618 (AMAZON-AES)
4 4 193.122.128.135 31898 (ORACLE-BM...)
2 169.197.150.8 398989 (DEEPINTENT)
8 8 64.202.112.63 23352 (SERVERCEN...)
2 2 184.50.205.247 16625 (AKAMAI-AS)
3 3 3.214.238.123 14618 (AMAZON-AES)
4 5 151.101.130.49 54113 (FASTLY)
1 1 124.146.215.45 2514 (INFOSPHER...)
1 80.77.87.166 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 23.4.226.82 16625 (AKAMAI-AS)
23 142.250.65.198 15169 (GOOGLE)
1 1 165.254.203.172 2914 (NTT-LTD-2914)
5 5 185.167.164.39 198622 (ADFORM)
2 2 69.166.1.35 27630 (AS-XFERNET)
1 1 3.225.160.247 14618 (AMAZON-AES)
8 11 8.43.72.98 26667 (RUBICONPR...)
1 13.107.42.14 8068 (MICROSOFT...)
1 67.220.228.201 16509 (AMAZON-02)
1 2 35.244.193.51 15169 (GOOGLE)
2 3.213.30.187 14618 (AMAZON-AES)
1 151.101.1.108 54113 (FASTLY)
2 104.18.11.47 13335 (CLOUDFLAR...)
2 2 52.5.86.220 14618 (AMAZON-AES)
4 8 104.36.115.113 62713 (AS-PUBMATIC)
2 2 50.57.31.206 19994 (RACKSPACE)
1 1 216.200.232.253 30419 (MEDIAMATH...)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 2 23.200.197.46 16625 (AKAMAI-AS)
2 2 174.137.133.49 27257 (WEBAIR-IN...)
1 1 3.234.113.180 14618 (AMAZON-AES)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 2 34.200.65.202 14618 (AMAZON-AES)
2 74.119.119.150 19750 (AS-CRITEO)
6 6 199.127.204.147 26120 (RHYTHMONE)
4 4 8.18.45.41 25751 (VALUECLICK)
3 3 50.116.194.21 6336 (TURN-US-ASN)
1 38.98.139.150 26558 (FREEWHEEL)
2 2 35.211.233.246 15169 (GOOGLE)
1 192.40.39.223 27381 (CASALE-MEDIA)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 23.105.12.173 30633 (LEASEWEB-...)
8 8.28.7.83 62713 (AS-PUBMATIC)
2 16 162.248.18.37 62713 (AS-PUBMATIC)
1 40.76.134.238 8075 (MICROSOFT...)
2 162.248.18.34 62713 (AS-PUBMATIC)
1 2 34.201.190.211 14618 (AMAZON-AES)
1 44.207.104.173 14618 (AMAZON-AES)
1 52.20.44.137 14618 (AMAZON-AES)
3 3 162.210.196.208 30633 (LEASEWEB-...)
1 1 35.190.90.30 ()
1 18.207.85.110 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
2 2 52.7.24.177 ()
1 1 199.38.167.131 ()
1 2 107.20.73.155 ()
1 52.210.102.189 ()
2 2 207.198.113.87 ()
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 69.90.254.78 ()
569 108
4    104.18.8.101 (None, )

ASN13335 (CLOUDFLARENET, US)
www.kooora.com
3    23.41.169.149 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-149.deploy.static.akamaitechnologies.com
z.moatads.com
1    18.164.124.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-111.jfk50.r.cloudfront.net
lngtd.com
98    23.33.40.208 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-40-208.deploy.static.akamaitechnologies.com
o.kooora.com
img.kooora.com
cdn.fcp.codes
fcp-api.footballco.cloud
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    141.148.8.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
1    3.160.5.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-98.cmh68.r.cloudfront.net
c.aps.amazon-adsystem.com
1    54.146.222.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-222-254.compute-1.amazonaws.com
conf.lngtd.com
6    34.110.181.170 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.181.110.34.bc.googleusercontent.com
roseincome.com
2    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    3.11.50.69 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-50-69.eu-west-2.compute.amazonaws.com
spadsync.com
4    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
4    108.139.47.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-33.jfk50.r.cloudfront.net
sb.scorecardresearch.com
4    172.217.13.174 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f14.1e100.net
www.google-analytics.com
2    142.250.64.72 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f8.1e100.net
www.googletagmanager.com
3    192.184.68.215 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.26.8.50 (None, )

ASN13335 (CLOUDFLARENET, US)
longitudeads-com.videoplayerhub.com
1    104.26.6.139 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
19    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
securepubads.g.doubleclick.net
2    104.18.4.165 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    156.146.36.24 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 137173278.nyc.cdn77.com
p.lngtdv.com
14    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
2    192.229.163.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    104.18.23.251 (None, )

ASN13335 (CLOUDFLARENET, US)
ktv.kooora.ws
1    18.238.4.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-65.phl51.r.cloudfront.net
static.adsafeprotected.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co
13    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    18.238.8.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-8-230.phl51.r.cloudfront.net
c.amazon-adsystem.com
1    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    108.156.180.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-180-227.cmh68.r.cloudfront.net
aax.amazon-adsystem.com
1    172.67.75.241 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    3.160.5.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-85.cmh68.r.cloudfront.net
rules.quantcount.com
6    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    35.211.124.105 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 105.124.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    3.211.37.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-37-116.compute-1.amazonaws.com
hb.yellowblue.io
4    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
5    8.43.72.41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.238.25.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-25-42.cmh68.r.cloudfront.net
ats.rlcdn.com
1    23.53.174.85 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-174-85.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com
1    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
stats.g.doubleclick.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    142.251.41.6 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net
ad.doubleclick.net
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
6    172.217.13.100 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f4.1e100.net
www.google.com
1    172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
www.google.ca
18    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    104.18.22.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
5    142.250.65.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
12    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
id5-sync.com
26    216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
it.lngtd.com
54    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
11    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    3.160.5.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-11.cmh68.r.cloudfront.net
s.ad.smaato.net
5    172.217.13.193 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net
cdn.ampproject.org
25    172.217.13.97 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f1.1e100.net
tpc.googlesyndication.com
2    54.88.169.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-169-209.compute-1.amazonaws.com
rtb.gumgum.com
2    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
4    23.105.12.171 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
4    23.196.184.208 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-184-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    96.17.65.140 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-65-140.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
7    63.251.86.51 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
4    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    3.160.5.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-39.cmh68.r.cloudfront.net
geo.privacymanager.io
1    34.160.111.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.111.160.34.bc.googleusercontent.com
ae-gmtdmp.mookie1.com
19    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
3    173.231.178.77 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    35.214.143.138 (None, )

ASN- ()
csync.loopme.me
8    54.158.193.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-193-202.compute-1.amazonaws.com
match.prod.bidr.io
10    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
36    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
pagead2.googlesyndication.com
2    54.204.52.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-52-200.compute-1.amazonaws.com
protected-by.clarium.io
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
14    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    51.222.105.60 (Canada)

ASN16276 (OVH, FR)
PTR: ns576843.ip-51-222-105.net
sync2.resetdigital.co
1    18.205.99.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-99-4.compute-1.amazonaws.com
aorta.clickagy.com
18    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    52.45.151.151 (None, )

ASN- ()
sync.srv.stackadapt.com
4    34.206.18.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-18-162.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
2    52.205.57.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-57-26.compute-1.amazonaws.com
sync.ipredictive.com
4    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
8    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    184.50.205.247 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-247.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    3.214.238.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-238-123.compute-1.amazonaws.com
ad.360yield.com
match.360yield.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.45 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    23.4.226.82 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-226-82.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
23    142.250.65.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net
s0.2mdn.net
1    165.254.203.172 (United States)

ASN2914 (NTT-LTD-2914, US)
aep.mxptint.net
5    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    3.225.160.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-160-247.compute-1.amazonaws.com
google.partners.tremorhub.com
11    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    3.213.30.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-30-187.compute-1.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    52.5.86.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-86-220.compute-1.amazonaws.com
ads.avct.cloud
8    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    23.200.197.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com
sync.teads.tv
2    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    3.234.113.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-113-180.compute-1.amazonaws.com
ads.yieldmo.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
6    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    8.18.45.41 (Miami, United States)

ASN25751 (VALUECLICK, US)
PTR: ric04-nessy-float1.dotomi.com
pulsepoint-match.dotomi.com
pubmatic-match.dotomi.com
3    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
1    38.98.139.150 (Chicago, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum.casalemedia.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    23.105.12.173 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
8    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
16    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    34.201.190.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-190-211.compute-1.amazonaws.com
thrtle.com
1    44.207.104.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-104-173.compute-1.amazonaws.com
crb.kargo.com
1    52.20.44.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-44-137.compute-1.amazonaws.com
sync.bfmio.com
3    162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    35.190.90.30 (None, )

ASN- ()
odr.mookie1.com
1    18.207.85.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-85-110.compute-1.amazonaws.com
rtb.adentifi.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    52.7.24.177 (None, )

ASN- ()
pm.w55c.net
1    199.38.167.131 (None, )

ASN- ()
p.rfihub.com
2    107.20.73.155 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
1    52.210.102.189 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
2    207.198.113.87 (None, )

ASN- ()
pixel-sync.sitescout.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
Apex Domain
Subdomains		 Transfer
94 kooora.com
www.kooora.com — Cisco Umbrella Rank: 172622
o.kooora.com — Cisco Umbrella Rank: 183092
img.kooora.com — Cisco Umbrella Rank: 169180
1 MB
76 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
ad.doubleclick.net — Cisco Umbrella Rank: 187
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
488 KB
66 googlesyndication.com
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 Failed
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
449 KB
39 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
ads.pubmatic.com — Cisco Umbrella Rank: 651
image6.pubmatic.com — Cisco Umbrella Rank: 989
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage2.pubmatic.com — Cisco Umbrella Rank: 982
image4.pubmatic.com — Cisco Umbrella Rank: 1409
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
51 KB
28 lngtd.com
lngtd.com — Cisco Umbrella Rank: 15664
conf.lngtd.com — Cisco Umbrella Rank: 24637
it.lngtd.com — Cisco Umbrella Rank: 17230
77 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 647
eus.rubiconproject.com — Cisco Umbrella Rank: 737
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1308
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
token.rubiconproject.com — Cisco Umbrella Rank: 748
44 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 741
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
dsum.casalemedia.com — Cisco Umbrella Rank: 1784
18 KB
23 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
693 KB
23 amazon-adsystem.com
c.aps.amazon-adsystem.com — Cisco Umbrella Rank: 49310
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 435
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
74 KB
20 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1791
usersync.gumgum.com — Cisco Umbrella Rank: 2073
6 KB
16 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3129
api.permutive.com — Cisco Umbrella Rank: 2345
googlesync.permutive.com — Cisco Umbrella Rank: 9880
429 KB
15 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1215
x.bidswitch.net — Cisco Umbrella Rank: 372
6 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
acdn.adnxs.com — Cisco Umbrella Rank: 703
26 KB
12 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
42 KB
12 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1861
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
4 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
6 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
449 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
5 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 727
4 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
ce.lijit.com — Cisco Umbrella Rank: 1118
8 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
6 KB
6 openx.net
u.openx.net Failed
us-u.openx.net — Cisco Umbrella Rank: 605
1 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 3
968 B
6 fcp.codes
cdn.fcp.codes — Cisco Umbrella Rank: 28507
90 KB
6 roseincome.com
roseincome.com — Cisco Umbrella Rank: 178684
50 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 720
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
1 KB
5 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8228
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
1 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
110 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
3 KB
4 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1555
3 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 928
1 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
1 KB
4 dotomi.com
amazon-tam-match.dotomi.com Failed
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 9421
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
69 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 176
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
224 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 767
mb.moatads.com — Cisco Umbrella Rank: 843
96 KB
3 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3451
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
1 KB
3 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 7319
pmp.mxptint.net — Cisco Umbrella Rank: 6718
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 802
match.360yield.com — Cisco Umbrella Rank: 2456
949 B
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1649
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
234 B
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 885
gum.criteo.com Failed
dis.criteo.com — Cisco Umbrella Rank: 745
918 B
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1172
syndication.twitter.com — Cisco Umbrella Rank: 1416
132 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1412
pixel.quantserve.com — Cisco Umbrella Rank: 1151
cms.quantserve.com — Cisco Umbrella Rank: 1015
10 KB
2 sitescout.com
pixel-sync.sitescout.com
938 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
835 B
2 w55c.net
pm.w55c.net
2 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1501
684 B
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 5749
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
757 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3061
963 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
1 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7960
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1550
628 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5098
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 849
cdn.indexww.com — Cisco Umbrella Rank: 1942
2 KB
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2875
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
sync.crwdcntrl.net Failed
1 KB
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2124
592 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 674
701 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 716
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1219
349 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1183
1019 B
2 stackadapt.com
sync.srv.stackadapt.com
3 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6360
750 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
1 KB
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1697
487 B
2 loopme.me
csync.loopme.me
483 B
2 mookie1.com
ae-gmtdmp.mookie1.com — Cisco Umbrella Rank: 633658
odr.mookie1.com
854 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
60 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 938
997 B
2 footballco.cloud
fcp-api.footballco.cloud — Cisco Umbrella Rank: 30889
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1297
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1731
mp.4dex.io — Cisco Umbrella Rank: 2922
3 KB
2 kooora.ws
ktv.kooora.ws — Cisco Umbrella Rank: 286010
524 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1668
101 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1213
api.btloader.com — Cisco Umbrella Rank: 1267
8 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
123 KB
2 spadsync.com
spadsync.com — Cisco Umbrella Rank: 70351
177 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3654
308 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
397 B
1 rfihub.com
p.rfihub.com
792 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1495
285 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2009
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1866
359 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 5912
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
608 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 15670
519 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 808
595 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
670 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
515 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 16019
634 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1168
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1218
828 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2484
428 B
1 resetdigital.co
sync2.resetdigital.co — Cisco Umbrella Rank: 7526
455 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2287
606 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1549
mweb.ck.inmobi.com Failed
622 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
401 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1928
434 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8647
408 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1460
17 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2789
idsync.rlcdn.com Failed
78 KB
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3660
cs-server-s2s.yellowblue.io Failed
451 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1302
635 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
1 KB
1 prmutv.co
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co — Cisco Umbrella Rank: 390085
394 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 751
482 B
1 lngtdv.com
p.lngtdv.com — Cisco Umbrella Rank: 22734
229 KB
1 videoplayerhub.com
longitudeads-com.videoplayerhub.com — Cisco Umbrella Rank: 36578
448 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1212
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
27 KB
0 playground.xyz Failed
ads.playground.xyz Failed
0 narrative.io Failed
io.narrative.io Failed
0 liadm.com Failed
i.liadm.com Failed
0 rtactivate.com Failed
bpi.rtactivate.com Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 brightcove.net Failed
players.brightcove.net Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 tappx.com Failed
ssp.api.tappx.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
0 gemius.pl Failed
gaae.hit.gemius.pl Failed
569 129
Domain Requested by
66 img.kooora.com www.kooora.com
o.kooora.com
44 cm.g.doubleclick.net 15 redirects rtb.gumgum.com
www.kooora.com
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
eus.rubiconproject.com
googleads.g.doubleclick.net
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
36 pagead2.googlesyndication.com www.googletagservices.com
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
ad.doubleclick.net
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
www.kooora.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
26 it.lngtd.com lngtd.com
25 tpc.googlesyndication.com www.kooora.com
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
ad.doubleclick.net
pagead2.googlesyndication.com
24 o.kooora.com www.kooora.com
o.kooora.com
23 s0.2mdn.net ad.doubleclick.net
www.kooora.com
s0.2mdn.net
19 securepubads.g.doubleclick.net lngtd.com
securepubads.g.doubleclick.net
www.kooora.com
www.googletagservices.com
18 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
18 s.amazon-adsystem.com 2 redirects c.aps.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ce.lijit.com
rtb.gumgum.com
eus.rubiconproject.com
bh.contextweb.com
ads.pubmatic.com
16 simage2.pubmatic.com 2 redirects ads.pubmatic.com
rtb.gumgum.com
s.amazon-adsystem.com
15 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
14 x.bidswitch.net 13 redirects www.kooora.com
13 api.permutive.com lngtd.com
cdn.permutive.com
11 id5-sync.com 9 redirects cdn.id5-sync.com
p.lngtdv.com
www.kooora.com
11 match.adsrvr.org 9 redirects www.kooora.com
p.lngtdv.com
11 ib.adnxs.com 6 redirects cdn.permutive.com
p.lngtdv.com
acdn.adnxs.com
googleads.g.doubleclick.net
10 www.googletagservices.com www.kooora.com
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
ad.doubleclick.net
8 image2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
8 image6.pubmatic.com 4 redirects ads.pubmatic.com
8 b1sync.zemanta.com 8 redirects
8 match.prod.bidr.io 8 redirects
7 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
7 ssum-sec.casalemedia.com 3 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
js-sec.indexww.com
6 googleads4.g.doubleclick.net ad.doubleclick.net
www.kooora.com
6 us-u.openx.net 4 redirects googleads.g.doubleclick.net
rtb.gumgum.com
6 bh.contextweb.com 3 redirects s.amazon-adsystem.com
bh.contextweb.com
6 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
p.lngtdv.com
6 www.google.com www.kooora.com
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
tpc.googlesyndication.com
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
6 c2shb.pubgw.yahoo.com p.lngtdv.com
6 cdn.fcp.codes o.kooora.com
cdn.fcp.codes
6 roseincome.com lngtd.com
www.kooora.com
roseincome.com
ats.rlcdn.com
5 pixel.tapad.com 3 redirects ads.pubmatic.com
s.amazon-adsystem.com
5 c1.adform.net 5 redirects
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 cdn.ampproject.org cdn.confiant-integrations.net
5 fastlane.rubiconproject.com p.lngtdv.com
4 sync.1rx.io 4 redirects
4 token.rubiconproject.com 4 redirects
4 sync.technoratimedia.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 googleads.g.doubleclick.net 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
www.kooora.com
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 eb2.3lift.com 3 redirects ads.pubmatic.com
4 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
p.lngtdv.com
ads.pubmatic.com
4 www.google-analytics.com www.kooora.com
www.google-analytics.com
www.googletagmanager.com
4 sb.scorecardresearch.com 2 redirects www.kooora.com
4 connect.facebook.net o.kooora.com
connect.facebook.net
4 www.kooora.com cdnjs.cloudflare.com
o.kooora.com
www.kooora.com
3 sync.aralego.com 3 redirects
3 ad.turn.com 3 redirects
3 cm.adgrx.com 3 redirects
3 ssbsync.smartadserver.com 3 redirects
3 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
3 www.facebook.com www.kooora.com
3 z.moatads.com www.kooora.com
z.moatads.com
2 pixel-sync.sitescout.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 pmp.mxptint.net 1 redirects rtb.gumgum.com
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects rtb.gumgum.com
2 a.sportradarserving.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 dis.criteo.com 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 dsp.adkernel.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 uipglob.semasio.net 2 redirects
2 ads.avct.cloud 2 redirects
2 lexicon.33across.com 1 redirects www.kooora.com
2 sync.go.sonobi.com 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 stags.bluekai.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 t.adx.opera.com 2 redirects
2 pool.admedo.com 2 redirects
2 secure.adnxs.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 um.simpli.fi 2 redirects
2 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 protected-by.clarium.io 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
2 csync.loopme.me 2 redirects
2 static.criteo.net p.lngtdv.com
static.criteo.net
2 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
2 s.ad.smaato.net 2 redirects
2 fcp-api.footballco.cloud cdn.fcp.codes
2 ad.doubleclick.net www.kooora.com
2 ad-delivery.net www.kooora.com
2 c.amazon-adsystem.com c.aps.amazon-adsystem.com
2 ktv.kooora.ws o.kooora.com
2 platform.twitter.com o.kooora.com
platform.twitter.com
2 cdn.confiant-integrations.net lngtd.com
cdn.confiant-integrations.net
2 www.googletagmanager.com www.kooora.com
www.googletagmanager.com
2 spadsync.com lngtd.com
o.kooora.com
2 cdn.permutive.com lngtd.com
cdn.permutive.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 bcp.crwdcntrl.net s.amazon-adsystem.com
1 synchroscript.deliveryengine.adswizz.com s.amazon-adsystem.com
1 p.rfihub.com 1 redirects
1 rtb.adentifi.com rtb.gumgum.com
1 odr.mookie1.com 1 redirects
1 sync.bfmio.com rtb.gumgum.com
1 crb.kargo.com rtb.gumgum.com
1 cms.quantserve.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 im.bluevoox.com 1 redirects
1 match.360yield.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 js-sec.indexww.com p.lngtdv.com
1 acdn.adnxs.com p.lngtdv.com
1 id.crwdcntrl.net p.lngtdv.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 google.partners.tremorhub.com 1 redirects
1 aep.mxptint.net 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com rtb.gumgum.com
1 tg.socdm.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 sync2.resetdigital.co 1 redirects
1 ae-gmtdmp.mookie1.com www.kooora.com
1 geo.privacymanager.io ats.rlcdn.com
1 ap.lijit.com 1 redirects
1 sync.inmobi.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 googlesync.permutive.com www.kooora.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 pixel.quantserve.com www.kooora.com
1 cadmus.script.ac script.4dex.io
1 www.google.ca www.kooora.com
1 syndication.twitter.com platform.twitter.com
1 api.btloader.com longitudeads-com.videoplayerhub.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.id5-sync.com www.kooora.com
1 secure.cdn.fastclick.net www.kooora.com
1 ats.rlcdn.com www.kooora.com
1 hbopenbid.pubmatic.com p.lngtdv.com
1 mp.4dex.io p.lngtdv.com
1 bidder.criteo.com p.lngtdv.com
1 htlb.casalemedia.com p.lngtdv.com
1 hb.yellowblue.io p.lngtdv.com
1 grid.bidswitch.net p.lngtdv.com
1 rules.quantcount.com secure.quantserve.com
1 script.4dex.io p.lngtdv.com
script.4dex.io
1 aax.amazon-adsystem.com c.aps.amazon-adsystem.com
1 cdn.jsdelivr.net p.lngtdv.com
1 f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co cdn.permutive.com
1 static.adsafeprotected.com www.kooora.com
1 p.lngtdv.com lngtd.com
1 btloader.com www.kooora.com
1 longitudeads-com.videoplayerhub.com 1 redirects
1 secure.quantserve.com lngtd.com
1 conf.lngtd.com lngtd.com
1 c.aps.amazon-adsystem.com lngtd.com
1 mb.moatads.com z.moatads.com
1 static.cloudflareinsights.com www.kooora.com
1 cdnjs.cloudflare.com www.kooora.com
1 lngtd.com www.kooora.com
0 ads.playground.xyz Failed www.kooora.com
0 io.narrative.io Failed www.kooora.com
0 sync.crwdcntrl.net Failed www.kooora.com
0 i.liadm.com Failed www.kooora.com
0 bpi.rtactivate.com Failed www.kooora.com
0 mweb.ck.inmobi.com Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 idsync.rlcdn.com Failed s.amazon-adsystem.com
0 gum.criteo.com Failed p.lngtdv.com
0 cs-server-s2s.yellowblue.io Failed s.amazon-adsystem.com
0 players.brightcove.net Failed cdn.fcp.codes
0 match.sharethrough.com Failed s.amazon-adsystem.com
0 amazon-tam-match.dotomi.com Failed s.amazon-adsystem.com
0 ssp.api.tappx.com Failed s.amazon-adsystem.com
0 u.openx.net Failed s.amazon-adsystem.com
0 fonts.googleapis.com Failed cdn.confiant-integrations.net
0 gaae.hit.gemius.pl Failed o.kooora.com
569 192
Subject Issuer Validity Valid
kooora.com
Cloudflare Inc ECC CA-3		 2023-07-09 -
2024-07-08		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.lngtd.com
Amazon RSA 2048 M01		 2023-01-19 -
2024-02-17		 a year crt.sh
san1.footballco.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-04 -
2024-05-07		 10 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
c.aps.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-30 -
2024-07-28		 a year crt.sh
roseincome.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
www.spadsync.com
Go Daddy Secure Certificate Authority - G2		 2023-02-20 -
2024-03-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-26 -
2023-08-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-07-23 -
2023-10-21		 3 months crt.sh
1449458088.rsc.cdn77.org
R3		 2023-06-30 -
2023-09-28		 3 months crt.sh
api.permutive.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
ktv.kooora.ws
E1		 2023-07-24 -
2023-10-22		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
quantserve.com
R3		 2023-08-12 -
2023-11-10		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
script.ac
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
it.lngtd.com
GTS CA 1D4		 2023-07-20 -
2023-10-18		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh

This page contains 83 frames:

Primary Page: https://www.kooora.com/
Frame ID: 9E25C68BAD0121641674046D07FBAF65
Requests: 228 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 9BBCC723B193CAE33672571AAE2478DF
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 3713A7135995020DD3B2B794BC93390F
Requests: 1 HTTP requests in this frame

Frame: https://www.kooora.com/cdn-cgi/challenge-platform/scripts/invisible.js
Frame ID: E7421EAEF033E00D645BD06B21548319
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.kooora.com
Frame ID: EF1EC2F0616E184280A03BBB6C023FFE
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&dcc=t
Frame ID: CA3B21F667CDA647FC0C32264404115C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.fcp.codes/embed-code-template/embed-code-iframe.js
Frame ID: 8E734E851EBD853498466C12E7B88665
Requests: 5 HTTP requests in this frame

Frame: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 050540D164D2D5C2D58872FA59923B22
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 17C98E78DE3F6899B173195B096AF73E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: D8999ADA5D8E75191DE7ECE397F73035
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuloJqHcQOI2lw_ZvreFGdVgHBmLDQBa292X2mQ2I47-193idUzsbV8BmLXlgcNQLSEN23QLQVM4-9CP7LzI1mD-Sf3HMJ3-Vc34dtSnrwZ6RUXG3X1lt-dIS9haR3tVDenUUFAW1jgARXVuBVYPQQVmEVgNPdvgqT4x3WnrQzaX_sKWCSRFWsAdfRTk9R4WhXdjxek9gtlgdB9sIiw4-E05aYE6WQK6ONUVr5MDCpPzKR1j_nWwPaLch2nj5wKs5TvnrSAeu3F4wuElzTKcEcGheYIvRdiVnS10diMop6QxfVYhx9-bEPCZkLN1corEhTFxTHPP5sNyOKssHPIezNoIpxdLBGHIeu6-18&sai=AMfl-YRWlmY2B9tkBwg5kquqYO4EQrzXK-x3SWQaAPeevg5yWyqsGXNFIOmeF-pNlFjDQZJ5M7-Xxdv80rMrmHrSOe-pWusxRcewf_z25NMlRforgB1DWYHcMCswoeEGxaVnAOjKsuQ3Hu0_HtWtPhA&sig=Cg0ArKJSzBIGZzUPxyyFEAE&uach_m=[UACH]&adurl=
Frame ID: 09BA28E6AD01AB60136E1215B2230F26
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: EA9D6C5C4B586B11BF077365B2ED78EA
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: CC605644282DDB2E03321BD079362EF6
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: E720E59341DBD3C5E53F669B32E0B03D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8330000753667799435&gdpr=0&gdpr_consent=
Frame ID: F850013D61EE88C506335D0C7D3E577D
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Frame ID: 222C06FA2A9036379B6E239B91655BAB
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 65B30983BFC49C9FF0D77AD9EEFF272C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-96bbIT-txQqwvtdy3W6lAtjJqeH6DnZe4_kSEboebA
Frame ID: DBF3253A42E75552024D5B53434A9174
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: E81E6A2D89A76B41268FC530B399D604
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 202BDFACF04C7B9671BF5E820CA6E3A8
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: EB50140A42977CE488944875526AF89A
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: FF021D4C471DFA8A36A4243E196CEF80
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8694686486495607686&ex=appnexus.com
Frame ID: 988F5FFA98B7144EE225F670B712B643
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 084C0D01CE0ED75236CCF2AABF00FA53
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: A0DB8FF84F093979D244DB5502ADF3D1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=760996673845262888508
Frame ID: 6541722CD6B9E531E5CEC6862E208320
Requests: 1 HTTP requests in this frame

Frame: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 720E818A3FC811CEA38ED6BF37981165
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrc5BaYlcd-XMYm2VSeMeRwg8IeLvnX5KlI9Urw6FvvvRyeUGwPwJ5yFVOcjfhhyK0mf2T4g4LrzEEfmY5c_eBxSvO44E2FvPf9nrh_7sszTCSBP-XrkI-hIrj-G9qyhErhcPM41hWZrf9CJxNlW9qWFpesayjsacqGN1rx9TJRWxqj9Hutkp61YmD8YLzEz-1S1v1lDWX4ODpHun40mkaC9WBO9nzlMkGeoKl7RvbM14q-x0_BYdA3kG2zPdNQgkn2p15sXJIsSmNJg-VDAfAq88TPu-mqN416NemPivANJ2-kpPp-KT8CZYwa73YbRdWVUQYnqpVBtno5aWluyQCn060S5jKNoB1RdgLtE0&sai=AMfl-YQBmgNQ8Uevuemppi2AmpB81iYCB4VmM6UfAaEbvFPDLffl3FvMBvZJTRak3VdrcUyclYd8_QtvNgoLFJ9DSwz8QBsr9KP8QjY8yAvIOwC3QsGPPWOyf-OONwU_UA&sig=Cg0ArKJSzMWuVSUrcsZuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C4811E1E957D2F9D93F88A301A28C772
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjVs5LyATAB&v=APEucNWQQMKkdWeyz2ITZDH_qjue_22EXGj3r9Z3UW9bJc2hGEjjt9TQEhbqDTZa-1fENOpX0F62_O-5JDsDEmwzEDUOdE2giA
Frame ID: 106774B09F83CD4D3AF67E159A98E435
Requests: 5 HTTP requests in this frame

Frame: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D4AE1CA594FED9CA6F86EB55973255BE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT7ykKGumRlzABp-PnDIdPr5y4psvbizo8i2Lv-TxYqE5O9AlYeOxebh6YUcmoyUn6b4aicw3zH3pJgdg9VPE-sxzrTscNsYpdbccQTQQCCQlpqkg7SlP0jU8tSP_8eKVmpMkfsX4zUHpQC8ivuNWZL1TdTUVIT9dSa-D42-gJh1xZXb-NZBWk5q6-zB_P-H6jvtpxR8ONSaMHFA3hsNXTyT8KvdtL3s9XJnE_sl4wIoFNkv0VrgPEGy6lQT6HqPm0Tl5YRz8GCPSM53xDH3urxHAzpFEs1WGnuEbyYOHAARomt8hYLhevYvWbXQYnQtwJv0vQfht8jB6tN7jMZYlmt1KgI6sjzq8qb9b-F1VGPy-4L-U0&sai=AMfl-YStrXuasEUzBFz-3Csag8Mj9EwzgPiEAp_p7HvEL7rTiycn9b4bdQKmFLKqnD1qH-dg8EFVp7Z5mV-P8GS49x1E_CWPzMYM0icN4ruypsiIBCSWwC5gYO1dYD3EYg&sig=Cg0ArKJSzK0BZ8HqJY9AEAE&uach_m=[UACH]&adurl=
Frame ID: 94671B7E90A88A90DA78A8E0B1E5F57B
Requests: 7 HTTP requests in this frame

Frame: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 594C989E302F5AB7515F4512254C22CB
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZN4zYwAAADl7zgBV&gdpr=&gdpr_consent=&_test=ZN4zYwAAADl7zgBV
Frame ID: D131987293E8FD3DD1A75E1397341633
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9mMzdlZjdhOS00ZmVkLTQyNjQtOThmZC02MmIyODE3ZThhM2I=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 594D6BDEBE98031774ED72EED966CC36
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 70B3299BB71922CC28070EFE832A7653
Requests: 11 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=847b7d9c-55d6-42cc-9691-075eba001ca9
Frame ID: D443931C5B303AC5E815B3F87EA26831
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZN4zZ8Co8YAAAGxBvH4AAAAA
Frame ID: 695B684F41D8924DD11B7B282AF9A482
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: CD2C769117F5859821AC5AE40B60FF11
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 2BDA58BA204A636D3C0EF5F312C09F7F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=7DTiB4Hi0bCV8S6dItDd&pi=gumgum&tc=1
Frame ID: AF637F6CD8A466535F529C07CD384A5F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 414D91F6B1BD1B2BB2C4DF1BBEEAEE05
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AB86A293CE7D916DAFE98F72D520C2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8F10DCBB0B93952957019C1AF32581A
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Frame ID: 763112421110E36E4D9CAEF1D02D5611
Requests: 10 HTTP requests in this frame

Frame: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 49C9A988A2816EDFBB3F8DFDDE6F2FFF
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5A32990AEE31B5A82BF77C03059D51B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjvspLyATAB&v=APEucNW-Cv3XoYwJXLVgWx5r0ol0jWkWOCy-9XCknvz8Pdtg64xrYKbu9QTL45mxgr_zpTq4WwRzz_YNRDqDtSUzJnqtAyK73w
Frame ID: 7E0F1FC445EACB8F671AA1BEA709470B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EC9358CA9880F63C05AD78DF4415911
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: 1E03F70AF3FCD61DFE57D0B6DB953244
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Frame ID: 6694449DEC06393FAF3A686B0A8AB27E
Requests: 20 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 79EB84633B86FEED0CBEB44221CE3687
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1A9DF5FB8B41C88BF503ACFDE72FE862
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 49D8BBBDBD06911A753E82FA57790119
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 036030CF22C095E303947E3869E97C65
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8F094438CFB6058A8BDA60880A85705
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09A3190EE692067BAAF15439173672B7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 738FF268BD9041FD8A4B6A2441D078F1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Frame ID: B7E191E05D80E913501A46C38A7F015C
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Frame ID: 4C7F22DB1A444AB15BA0BC32F9C4C918
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1AEC843958FB940366C79D0D370C535E
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=48B8FE71-87BF-49C4-B613-4E30BB4CA753&redir=true&gdpr=0&gdpr_consent=
Frame ID: 16A08FEA639A61366E9A729A00801EE0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACSYE7JvGcAACSJx0ka_g&gdpr=0&gdpr_consent=
Frame ID: EDAB4981681DF20DFFE62FC89764462A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8694686486495607686&gdpr=0&gdpr_consent=
Frame ID: 23DE2227DA07D8EB88345941C062CE3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
Frame ID: E843E71A4E9238EA73821840050DE627
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 64FC7CCEDD683C57384437309444F998
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 922A7B1274D092F11A48E1630BBCF4D6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD
Frame ID: 783B3FC6E0D7734C7174042922EF2DE0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3802E766684C832D948478DB8E315604
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=48B8FE71-87BF-49C4-B613-4E30BB4CA753
Frame ID: 6C977CC1CC6C541396F57879A6DAB4CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OR_pt0ynUoFBNzJ13jDD9yUT1Pg&gdpr=0&gdpr_consent=
Frame ID: 47983C74A7E6B3A7E0286BC738B4C10F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:d4KtuCeP1QwEjf5&gdpr=0&gdpr_consent=
Frame ID: E2D12543D05C0D448C04F161427D4E06
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314642188303661
Frame ID: BC54A5CE80422AC1E07162AD73395C12
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=48B8FE71-87BF-49C4-B613-4E30BB4CA753
Frame ID: DFB645C679136DC650B5AC523572F9C7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID48B8FE71-87BF-49C4-B613-4E30BB4CA753
Frame ID: 7271A46F6D2745CC5F39C7DD25F1EA13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Frame ID: 48F4B4487C7BA2350358984BDA4F786A
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5970851DAEE9249C502C18AE0D271DF9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 0292AD4A08FFD4D9D36F6DAA68B198D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815041026299
Frame ID: DADABE23710F251E15A4653E9D563EB6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU7e63d4cd251d4d249033d87836485c8d&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: 9C0F8798FFC38FA8FA8C9575A6D9BB6A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea67a503-396b-4983-9213-9a281b2e891f-005
Frame ID: 4732B4F908DDA6FB6A1E1A06483015E0
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 86E2D8379F11A7722E41C9FC4B64C5AD
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 5F79EDD0088F34103EE3E4F0E2F990C2
Requests: 1 HTTP requests in this frame

Frame: https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
Frame ID: BBA24C65FEBF8AAD6983F08917DE3123
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

كووورة: الموقع العربي الرياضي الأولPreviousNextPreviousNext

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

569
Requests

79 %
HTTPS

0 %
IPv6

129
Domains

192
Subdomains

108
IPs

11
Countries

5720 kB
Transfer

14854 kB
Size

161
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://sb.scorecardresearch.com/cs/36390024/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 47
  • https://longitudeads-com.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=longitudeads-com&upapi=true
Request Chain 133
  • https://sb.scorecardresearch.com/b?c1=2&c2=36390024&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692283740589&ns_c=windows-1256&c7=https%3A%2F%2Fwww.kooora.com%2F&c8=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36390024&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692283740589&ns_c=windows-1256&c7=https%3A%2F%2Fwww.kooora.com%2F&c8=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&c9=
Request Chain 182
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&dcc=t
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=40da2992-202e-46c3-bd6d-d27455ebb9ca&u=d913eb4c-45ba-4d64-aee4-1085e6759b84 HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBm0gGmrioNw91YpK3oY8dQ&error=&type=ddp&k=40da2992-202e-46c3-bd6d-d27455ebb9ca&u=d913eb4c-45ba-4d64-aee4-1085e6759b84&google_cver=1
Request Chain 212
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=aps&cookieCheck=1 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=caa9582fde&gdpr=0&gdpr_consent=
Request Chain 240
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 242
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8330000753667799435&gdpr=0&gdpr_consent=
Request Chain 245
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-96bbIT-txQqwvtdy3W6lAtjJqeH6DnZe4_kSEboebA
Request Chain 249
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 250
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8694686486495607686&ex=appnexus.com
Request Chain 251
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 254
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=760996673845262888508
Request Chain 261
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4zX8l3BI2lD4f.iBTJdgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
Request Chain 262
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=847b7d9c-55d6-42cc-9691-075eba001ca9&expiration=1694875743&gdpr=0&gdpr_consent=
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4zX8l3BI2lD4f-iBTJdgAABN4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGyhz7ph35UVgYAK5_0bhh8&google_cver=1
Request Chain 265
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8330000753667799435&gdpr=0&gdpr_consent=
Request Chain 266
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
Request Chain 267
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9da1b1c0-97d4-49a6-ba69-e2163e227e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 268
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACSYE7JvGcAACSJx0ka_g&expiration=1693493349
Request Chain 311
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=8694686486495607686&gdpr=0&gdpr_consent=
Request Chain 312
  • https://um.simpli.fi/lj_match?r=1692283743883&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=F06F4657B4DC41A98AF08A5C4D894A39
Request Chain 313
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LLFA1NIG-Q-D1JW&gdpr=0
Request Chain 314
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://sync2.resetdigital.co/csync/bs?type=d&bidswitch_ssp_id=fmx&gdpr=0&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=0000010A798DB20C&expires=15&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=
Request Chain 315
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HKp5jPZH_l8WyPPsTz-RKbqb&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7
Request Chain 332
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8694686486495607686
Request Chain 333
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=25eb8aba-fd6b-4643-b4cb-d725fb46b102 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=25eb8aba-fd6b-4643-b4cb-d725fb46b102 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9f9b89f6-f844-4df7-b6ae-f47ff35a9ce5&user_group=1&ssp=gumgum2&bsw_param=25eb8aba-fd6b-4643-b4cb-d725fb46b102 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
Request Chain 334
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28y1SCUtKzdMY2MyIuUSzW_0y-vLdcMfg8ulYBqm9RBpyNRVXYSFSpyAV7-3R215Q1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28y1SCUtKzdMY2MyIuUSzW_0y-vLdcMfg8ulYBqm9RBpyNRVXYSFSpyAV7-3R215Q1%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&obuid=ENC(y1SCUtKzdMY2MyIuUSzW_0y-vLdcMfg8ulYBqm9RBpyNRVXYSFSpyAV7-3R215Q1) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator HTTP 302
  • https://sync.outbrain.com/cookie-sync?initiator=%24initiator&p=opera&uid=OPU7e63d4cd251d4d249033d87836485c8d
Request Chain 335
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=582dcc26-0880-4600-89ec-ac3d3d050ef3
Request Chain 336
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-391fe9b7-4ca7-5281-4137-3275de30c3f7$ip$37.19.212.248
Request Chain 337
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-XuR1xFpE2pc9H.Y1NA1dB0lvrM5Y5p79ZROl~A
Request Chain 338
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=928641cd-7707-4ba1-9b28-bb069a191031
Request Chain 339
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DD5AF2D73E6304AE3B0EC92DB81B208D2%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Dsnc%2526i%253D%255BUSER_ID%255D%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=D5AF2D73E6304AE3B0EC92DB81B208D2&att=1&pid=82&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D&uid=ZN4zX8l3BI2lD4f.iBTJdgAA%261246 HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=5F59504996924B16A617F7F0FD30CB04
Request Chain 341
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=X366S8IVS225EEFwgfJa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMDGNRWKM4ESVSTGIZDKRKFIZ3WOZSKME HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMDGNRWKM4ESVSTGIZDKRKFIZ3WOZSKME HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=X366S8IVS225EEFwgfJa
Request Chain 342
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=640ab08d-f0a8-4d4c-a0d5-6e7b56ce551a
Request Chain 343
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=A4xpGIB3vnmN&ev=1&pid=558355
Request Chain 344
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8330000753667799435
Request Chain 350
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN4zYwAAADl7zgBV HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN4zYwAAADl7zgBV&gdpr=&gdpr_consent=&_test=ZN4zYwAAADl7zgBV
Request Chain 353
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=847b7d9c-55d6-42cc-9691-075eba001ca9
Request Chain 354
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4zZ8Co8YAAAGxBvH4AAAAA
Request Chain 357
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=7DTiB4Hi0bCV8S6dItDd&pi=gumgum&tc=1
Request Chain 358
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 380
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEGUFm-lbpTPUzDN3k6hf2IA&google_cver=1&google_push=AXcoOmQ3Uz73lW1gG2dl8jZjbUfRqNctTiTMCVTAm_BbK29QaenrXWvBrE4yrD5GOY5vD_ub5uOn3_lb2Bas075n772DxkZIhd3x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ3Uz73lW1gG2dl8jZjbUfRqNctTiTMCVTAm_BbK29QaenrXWvBrE4yrD5GOY5vD_ub5uOn3_lb2Bas075n772DxkZIhd3x&google_hm=UjM1Q0E5XzEwNzhFNDcyMl8xRDU1OTI2QQ%3D%3D
Request Chain 381
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENWs_Sfai4Ah7a3n9kSnqnM&google_cver=1&google_push=AXcoOmQc6LQEotOo4vuShj_-97nYLyRGLm_TQVQiXRZavBthein7-6DX5TgeWY7n9ja_AEheAe8Glir-NseEj8x67eW89_OMeLiM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ODQ3YjdkOWMtNTVkNi00MmNjLTk2OTEtMDc1ZWJhMDAxY2E5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=847b7d9c-55d6-42cc-9691-075eba001ca9
Request Chain 382
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB2QWn6rxpvWWWalbpSTfogTYQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB2QWn6rxpvWWWalbpSTfogTYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkwMDQ1ODA3MjI5OTI5Mzg2NA&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB2QWn6rxpvWWWalbpSTfogTYQ
Request Chain 383
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_cver=1&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8CRqHa74eTVygz6q HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8CRqHa74eTVygz6q&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8CRqHa74eTVygz6q&google_hm=NmZwM2V6QmlieHE1cVMzSzk5Rko=
Request Chain 384
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRITvNut1s5eTjMH0VZ0RuiDYFbwdu01ZEn3NaNZnmoXQOGxNJLMfEGm9bHQ9H7RF0ta4ekLnPOOrtWvC8U8CGSq8eD4PRM%26google_hm%3D%5BUID%5D&google_gid=CAESEDA_PZ1a9brC4Mf79hqgTjI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRITvNut1s5eTjMH0VZ0RuiDYFbwdu01ZEn3NaNZnmoXQOGxNJLMfEGm9bHQ9H7RF0ta4ekLnPOOrtWvC8U8CGSq8eD4PRM&google_hm=2b06780c-1301-4f94-a05e-62f8319ca4e8
Request Chain 385
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEIM1K-DgPfga-2XfSFhIXqo&google_cver=1&google_push=AXcoOmSCv8OqE_keoGuv_3uwdBntLEXj_AokDAyUuZ5AAH_t0A6eBHgEYfmKYSyTeaEQuTsGPSutQqigTSwENIkjrFV9367LPCYt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTk5NzIyZGY3MjdkNGZjNTlkNzkwM2NmMmIyMzI5NWE%3D&UIDF=CAESEIM1K-DgPfga-2XfSFhIXqo&google_cver=1&google_push=AXcoOmSCv8OqE_keoGuv_3uwdBntLEXj_AokDAyUuZ5AAH_t0A6eBHgEYfmKYSyTeaEQuTsGPSutQqigTSwENIkjrFV9367LPCYt
Request Chain 386
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPJ5wu1X2WLxH6fW_GIX9Rc&google_cver=1&google_push=AXcoOmR0gh5ZJpvIblmT8Gau_Cf6WQkNtb-jYfB8SCV8m5qlhaZt_GZpwejYgOfQChnXse1EHynLquKNFrgJf_r1_8VWtyZijwMiQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=25eb8aba-fd6b-4643-b4cb-d725fb46b102&%%GOOGLE_PUSH_PAIR%%
Request Chain 403
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLFA1NIG-Q-D1JW HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LLFA1NIG-Q-D1JW&ex=d-rubiconproject.com&status=ok
Request Chain 406
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLFA1NIG-Q-D1JW HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LLFA1NIG-Q-D1JW
Request Chain 408
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XjiELLVul-LSjNhRhzmuRQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y9hEGHJE2oLo49ANCgNO15EHsySprBEpXWb03A--~A
Request Chain 409
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFA1NIG-Q-D1JW
Request Chain 410
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=&expires=30
Request Chain 411
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExGQTFOSUctUS1EMUpX HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHbkCsY2TMEApAmXuEGfMW4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=
Request Chain 412
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM0ZWE0N2M0ODUwYmNhZjdiZWEyZmM4N2EyOTM0MjMzN2Y1YTdkNw
Request Chain 414
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7h8VuIUZSayP63goU_uUGA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7h8VuIUZSayP63goU_uUGA
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM2xzyrYC3O1RAEW1ddawHw&google_cver=1
Request Chain 422
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=7.42.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=7.42.0&b=1&g=FsON0wSzGVPrHP%2FBciuTNFPt7yfpewyQgn%2B38fCfRH4%3D
Request Chain 431
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=8a981ae1-e2ed-4cc0-84f3-f492f49cfff1&ssp=themediagrid
Request Chain 433
  • https://id5-sync.com/i/845/8.gif?id5id=ID5*zt5ZuNbXlh_9WIUNhTVVf_Uw8nMWEjWsqQvCyOZSJbZb3YTKJJ6VkjuB-10_60bdW97C8zZXux3zt5jYlZsTBg&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/845/441/7/2.gif?puid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F429%2F6%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F429%2F6%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1 HTTP 302
  • https://id5-sync.com/c/845/429/6/3.gif?puid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=847b7d9c-55d6-42cc-9691-075eba001ca9&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/845/434/4/5.gif?puid=e6f51fad-975e-4d8d-bc42-ff3ca190bcca&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/845/112/3/6.gif?puid=BF150BEED929E14&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-96bbIT-txQqwvtdy3W6lAtjJqeH6DnZe4_kSEboebA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/845/3/2/7.gif?puid=9d3664de-3365-4600-8ec4-eb3d8ed9252e&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/845/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/845/2/1/8.gif?puid=8694686486495607686&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/845/108/0/9.gif?puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4&gdpr=0&gdpr_consent=
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1
Request Chain 436
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN4zX8l3BI2lD4f.iBTJdgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAdLhSxz2CrATyxYO0_g3dY&google_cver=1
Request Chain 438
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY5NDY4NjQ4NjQ5NTYwNzY4Ng%3D%3D
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENLNDyYT-wKeAJivskLl19Y&google_cver=1
Request Chain 440
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM3ZmJiOWMtZTllMi0yMGYyLWZiNzctZTY2OTNmYjdjMWQ1
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBZHSQg7UwXmF1pSS8I9H4Q&google_cver=1
Request Chain 442
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGQyZjdiY2EtYmIyOS00ODVmLWJjYzYtZTk3OTBiMmJlODY1
Request Chain 456
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJyaP0rV2M68MoaASQDbGlk&google_cver=1&google_push=AXcoOmS-9F0BHQJLFCSASD95D92BuSWWmEfynqtczaMRpTfoLrukjSYGMNb678t6cdHq9XvEBI0eH_A5XlimOKX-E-ROrw1jopE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJyaP0rV2M68MoaASQDbGlk&google_push=AXcoOmS-9F0BHQJLFCSASD95D92BuSWWmEfynqtczaMRpTfoLrukjSYGMNb678t6cdHq9XvEBI0eH_A5XlimOKX-E-ROrw1jopE
Request Chain 457
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHbkCsY2TMEApAmXuEGfMW4&google_cver=1&google_push=AXcoOmToukJAG-EKJeGlGAl79h2RHOFOKPv3_Ub48770oshvjXPhlY1TktDkZslQCse2ksBwf23w-Cc6PeKK5qV5MIDz7KNlkD0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=AXcoOmToukJAG-EKJeGlGAl79h2RHOFOKPv3_Ub48770oshvjXPhlY1TktDkZslQCse2ksBwf23w-Cc6PeKK5qV5MIDz7KNlkD0
Request Chain 458
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEzLCt94mvfJvHmDCmKEhqk&google_cver=1&google_push=AXcoOmQBa-oqnzwny3q5zqeNPwncN69cJ7fNcvDk02hSxsNqCeMbhE94bVb-tlce9RGHpiA8Tz6TRRCUi0z69ok1icsfNAt3RTIG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDYzNTA3MTQxOTU2Nzk0MjQ&google_push=AXcoOmQBa-oqnzwny3q5zqeNPwncN69cJ7fNcvDk02hSxsNqCeMbhE94bVb-tlce9RGHpiA8Tz6TRRCUi0z69ok1icsfNAt3RTIG
Request Chain 459
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIPAmCXTsDFhRtbA3TdvXv4&google_cver=1&google_push=AXcoOmTV7XyfmmL2pTGbMAETljGqu0TgwIr4pfjCaNiKst4c8Ok4upIQchMi5EXWJ7rw5MQaVIz2c4qdOAa2aDEGdqR_Mvub3wI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTV7XyfmmL2pTGbMAETljGqu0TgwIr4pfjCaNiKst4c8Ok4upIQchMi5EXWJ7rw5MQaVIz2c4qdOAa2aDEGdqR_Mvub3wI&google_hm=M21NTFVwcGpqTHA4V2NobXRSVzI=
Request Chain 460
  • https://match.360yield.com/match/ebda?google_gid=CAESEEt0Nbysx9aOEQ98eznrZ_I&google_cver=1&google_push=AXcoOmQGBJSaKrc9fa3SE3CcpW--eyH_mcv04o5t1CGp1z2fdx2es_mvSxkMnMd3E0jtfUUVaEppp_9fG9V42EJGncF4heBXOKAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZAqwjfCoTUyg1W57Vs5VGg&google_push=AXcoOmQGBJSaKrc9fa3SE3CcpW--eyH_mcv04o5t1CGp1z2fdx2es_mvSxkMnMd3E0jtfUUVaEppp_9fG9V42EJGncF4heBXOKAg
Request Chain 461
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENJZI6bkj5XqmgXU7Xgmr_A&google_cver=1&google_push=AXcoOmQdsqfSacOaB0-TrXB2ia2utqkpQAT3nXsyY0-3EGDY1jvNwooKDbK6xdnuNpvNF9kjaaBuAJZM8e6eHU_W7kHcIjjXA6qy7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQdsqfSacOaB0-TrXB2ia2utqkpQAT3nXsyY0-3EGDY1jvNwooKDbK6xdnuNpvNF9kjaaBuAJZM8e6eHU_W7kHcIjjXA6qy7A&google_hm=QlMuNThlMy1kNjA5LTQwZWQtODE3MA==
Request Chain 462
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBLRZtDoQ5rmOD2Sil2g8_o&google_cver=1&google_push=AXcoOmRQHcsPH0q2hW7z8L10CejKlcfVMRRucmrBNz_vbAaioOYgRv2znV4EaDC814KBF-qeh1W1r7XskGYWw4VVHZAmUeFAwkdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcUViSHdsRTJ1RXFVRm9ma1htN0FCSU1oZUo2X1lRYX5B&google_push=AXcoOmRQHcsPH0q2hW7z8L10CejKlcfVMRRucmrBNz_vbAaioOYgRv2znV4EaDC814KBF-qeh1W1r7XskGYWw4VVHZAmUeFAwkdg
Request Chain 466
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB69aEES4bRdZGpNDuyRLRzbXEv HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB69aEES4bRdZGpNDuyRLRzbXEv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwMjI2ODM4NDY5NzU2MzE0OQ&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB69aEES4bRdZGpNDuyRLRzbXEv
Request Chain 467
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_cver=1&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EAxpQTZSw_yDxpFE HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EAxpQTZSw_yDxpFE&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EAxpQTZSw_yDxpFE&google_hm=eHJtMHh3WG5rMXVNamE5WHl6TU4=
Request Chain 468
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI-QI90RzzDNqketwXc3_6s&google_cver=1&google_push=AXcoOmRfvjnxw4ewKyZKmdqgvKr1Es2dXEF5fPmtLrazxlcARgzmgFHIAlBFbuKjDAkl2jSwYtvW9aDx36uamnf_W38x4pFNbag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLj-cYe_ScS2E04wu0ynUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRfvjnxw4ewKyZKmdqgvKr1Es2dXEF5fPmtLrazxlcARgzmgFHIAlBFbuKjDAkl2jSwYtvW9aDx36uamnf_W38x4pFNbag
Request Chain 469
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEzLCt94mvfJvHmDCmKEhqk&google_cver=1&google_push=AXcoOmScKQH_YgnOmIZzSH5Cn6R_vJy1Ww4_QgCldnc9N2s63ROfo1kKJEQK92t7NddqB8kww_AgOaqcbcI3bfSzktGi6lmjW7kA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1ODYxMzkwMjk3NjQ0NTQ1NTY&google_push=AXcoOmScKQH_YgnOmIZzSH5Cn6R_vJy1Ww4_QgCldnc9N2s63ROfo1kKJEQK92t7NddqB8kww_AgOaqcbcI3bfSzktGi6lmjW7kA
Request Chain 470
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENyFM9eOL0lOQGWHOfZdmsE&google_cver=1&google_push=AXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1692283748760 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea67a503-396b-4983-9213-9a281b2e891f-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp%26google_hm%3DBepnpQM5a0mDkhOaKBsuiR8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp&google_hm=BepnpQM5a0mDkhOaKBsuiR8
Request Chain 471
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENXPktYDdxkEAFzeQOfFBig&google_cver=1&google_push=AXcoOmQ0O05eQ3INv0GZ6MV7dGxdXmZKi3AueG2dhsDXvuQvtQtp06ZLAZ1Y5wu4Jqf4K57L5pxgwJChgF9htjKMPICWXgvPs3hL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ0O05eQ3INv0GZ6MV7dGxdXmZKi3AueG2dhsDXvuQvtQtp06ZLAZ1Y5wu4Jqf4K57L5pxgwJChgF9htjKMPICWXgvPs3hL&google_hm=ODMzMDAwMDc1MzY2Nzc5OTQzNQ%3D%3D
Request Chain 506
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aVN3akN3OE1BN3p4alM2a3BINDJwdw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKvvhD9yHZpK-0dDsWuDWeI&google_cver=1
Request Chain 507
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=6815b39096d0051b&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAB5r9OBbWjzQMo-_DaAAAAAAA&expiration=1692370149&nuid=&is_secure=true
Request Chain 513
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8694686486495607686
Request Chain 514
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4zYwAAADl7zgBV
Request Chain 515
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9219230932514937087
Request Chain 516
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=xrm0xwXnk1uMja9XyzMN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26DSNUYHQ52YNZVTC5KNNJQTSWDZPJGU4 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26DSNUYHQ52YNZVTC5KNNJQTSWDZPJGU4 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xrm0xwXnk1uMja9XyzMN
Request Chain 518
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c9420533-3b59-40f6-b4a8-ccf8a952b639&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
Request Chain 519
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=b10ce1869d5a4ec1bf94cebb4944b725&expiration=1694875751
Request Chain 522
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUGJrN0p2R2NBQUNqUHY2SDYyQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACSYE7JvGcAACSJx0ka_g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D5F59504996924B16A617F7F0FD30CB04%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526bee_sync_partners%253Dpp%25252Csas%25252Cpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D2%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=5F59504996924B16A617F7F0FD30CB04&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&uid=ZN4zX8l3BI2lD4f.iBTJdgAA%261246 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACSYE7JvGcAACSJx0ka_g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACSYE7JvGcAACSJx0ka_g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACSYE7JvGcAACSJx0ka_g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8330000753667799435&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACSYE7JvGcAACSJx0ka_g&gdpr=0&gdpr_consent=
Request Chain 523
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8694686486495607686&gdpr=0&gdpr_consent=
Request Chain 524
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLj-cYe_ScS2E04wu0ynUw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 525
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=48B8FE71-87BF-49C4-B613-4E30BB4CA753 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=847b7d9c-55d6-42cc-9691-075eba001ca9&ttd_puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4%2C%2C
Request Chain 527
  • https://eb2.3lift.com/xuid?mid=7976&xuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 528
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDhCOEZFNzEtODdCRi00OUM0LUI2MTMtNEUzMEJCNENBNzUz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWqrJuDMu4RWOxwWwbAwbA&google_cver=1
Request Chain 530
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F06F4657B4DC41A98AF08A5C4D894A39
Request Chain 531
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=
Request Chain 533
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nWgoDv9E2uVPMZkxYa44vzS259qj_Gc-~A&gdpr=0
Request Chain 534
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9147173338477009151&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 537
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
Request Chain 540
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD
Request Chain 543
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7fa69c18-7a86-4e99-a41c-386ce5ab6719
Request Chain 547
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=8e4407dc537050b&is_secure=true&networkId=17100&version=1&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAByq5L7778LwNA_Lk1AAAAAAA&expiration=1692370152&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 548
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=29b525d6-da02-4f20-a36a-8e59bebcbb13&gdpr=0&gdpr_consent=
Request Chain 549
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=847b7d9c-55d6-42cc-9691-075eba001ca9 HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=eef860ad-3fd7-3b57-ad0e-cf11e4069552&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=25eb8aba-fd6b-4643-b4cb-d725fb46b102&ssp=ucfunnel&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594929237477654731&ssp=ucfunnel&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=25eb8aba-fd6b-4643-b4cb-d725fb46b102 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=eef860ad-3fd7-3b57-ad0e-cf11e4069552&ssp=pubmatic&bsw_param=25eb8aba-fd6b-4643-b4cb-d725fb46b102 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 551
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_1078E4722_1D55926A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 554
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OR_pt0ynUoFBNzJ13jDD9yUT1Pg&gdpr=0&gdpr_consent=
Request Chain 555
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:d4KtuCeP1QwEjf5&gdpr=0&gdpr_consent=
Request Chain 556
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314642188303661
Request Chain 557
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=860b3603-30dd-416c-abf4-97176d480e99&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=48B8FE71-87BF-49C4-B613-4E30BB4CA753
Request Chain 563
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f60de19e-9eaf-48a6-b55e-9ccbdab60599-64de336a-5541&gdpr=0&gdpr_consent=
Request Chain 564
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3900458072299293864
Request Chain 565
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Request Chain 567
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 568
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815041026299
Request Chain 569
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU7e63d4cd251d4d249033d87836485c8d&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 570
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=748087696 HTTP 302
  • https://sync.1rx.io/usersync/turn/9147173338477009151?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea67a503-396b-4983-9213-9a281b2e891f-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ea67a503-396b-4983-9213-9a281b2e891f-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea67a503-396b-4983-9213-9a281b2e891f-005

569 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kooora.com/ 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c14365744193db71ba549eecfeffc294cf641b47abd9ccb11d1700ef824be1c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options Deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
o.kooora.com
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7f82b89adfffa241-YYZ
content-encoding
br
content-type
text/html; charset=windows-1256
date
Thu, 17 Aug 2023 14:48:59 GMT
expires
Wed, 17 Aug 2022 14:48:59 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XOwJBC6Me4SRQxiP8GciPncZtG4zUHzkm5IMDCKg4J%2FY5AWPAZIVjYm0w%2B222ODemeo6Vj8z2yu9ykpzCUtmQT5X0zgKqCrxBeSKq%2F1r9C7dr2Ko8Q8BW8b1leO9gtM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-aspnet-version
4.0.30319
x-frame-options
Deny
x-powered-by
ASP.NET
moatheader.js
z.moatads.com/choueirigroupheaderdfp445340272806/ 		261 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8117a8bfa8e3a0ee9243c9de2019a7b2b8aa42f026bc944b1d32b073fb25ad02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:48:59 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 08:53:40 GMT
server
AmazonS3
x-amz-request-id
2FX2M7PEAK6DA6QE
etag
"ac3592307d5f806a2af103a522bf85af"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43386
accept-ranges
bytes
content-length
93973
x-amz-id-2
GCSeFtJQ+EB0EkWWpjvBkK1AyVQFWRgjYANfFw5PD2Lu/UA+1n2ZS/MZBK7iWlbtEu3TEShTeq4=
kooora_homepage.js
lngtd.com/ 		196 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lngtd.com/kooora_homepage.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-111.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38ca0a41b42d248048fa00ddc156486b2e9b8ff3a140461d62c19c37a0a838ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:37:32 GMT
content-encoding
gzip
via
1.1 edb4467fad6c19f876564012471f929a.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 15:14:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
688
etag
"252970142f2a4ceeaca5cecabdb88f7a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
54046
x-amz-cf-id
jObEkYJPhimXRNYzsFNZJ2p4rMZdjB8b46cDny3uLTYFhXahwRwGaw==
aw2.css
o.kooora.com/ 		173 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://o.kooora.com/aw2.css?rev=585&ch=4439
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c670082b5f5dbe0bb45b5a1ec886bb3665770d11032ca0c274156c11abc3e7ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 14:11:12 GMT
etag
"7477c7ad14d1d91:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2589846
accept-ranges
bytes
content-length
31526
expires
Sat, 16 Sep 2023 14:13:05 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.kooora.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
857794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27437
last-modified
Tue, 01 Aug 2023 17:19:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64c93eb8-6b2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqjcThZ968XMLHodtVa75M4CeaA7WZlcB67eVAcPdQ41ZP1JiIdoaDj42RFPbqNiK1iuX9dnXPq5P2j5AaMG3G8An7IufSWJfX7cNde0AN7DDm%2BjXF4n2%2FX6yIGF5bcNPugV%2BK8Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f82b89bfb2853fb-YYZ
expires
Tue, 06 Aug 2024 14:48:59 GMT
nw2.js
o.kooora.com/ 		851 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://o.kooora.com/nw2.js?rev=1865&ch=9209
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0387ea6b20d603156158d46cdf51eccaa0acd032952b21882be94d65af124115
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kooora.com/
Origin
https://www.kooora.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 14:10:49 GMT
etag
"aafca79f14d1d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2589656
accept-ranges
bytes
content-length
211032
expires
Sat, 16 Sep 2023 14:09:55 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://www.kooora.com/
Origin
https://www.kooora.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:48:59 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7f82b89d6a6639c6-YYZ
v2
mb.moatads.com/yi/ 		545 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5BhKjWfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-J7VHrxsgY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-cQ%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.kooora.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=766684344193&callback=MoatNadoAllJsonpRequest_8555466
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.148.8.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3395d844acd8ef620a740cadebabf53de365a0e25aad01ef2b9966f4d099db58

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:48:59 GMT
server
istio-envoy
etag
"819274e3963d1be3191a73c7b5fa28f6107ad46d"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
43
timing-allow-origin
*
content-length
545
iframe.html
z.moatads.com/hd09824092/ Frame 9BBC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3167
content-length
1374
content-type
text/html
date
Thu, 17 Aug 2023 14:48:59 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
hQ76LONt8Z0+0gvX3A4RyhSAR+G2Z6t19zCkHXVFoPjEF/LsnPK0v5GFk/w7HR+V18HzBhT8pKE=
x-amz-request-id
7C72C67561922266
apstag.js
c.aps.amazon-adsystem.com/ 		240 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aps.amazon-adsystem.com/apstag.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-98.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
199104ac0bbf4e7323a9d28a15970affa824b6837c8c263a47c8ee123c782bc7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
br
via
1.1 cda1913a649dc75ebe085933b079c996.cloudfront.net (CloudFront)
x-amz-version-id
jSigMTSNMB3rl1wUeJRtVG7HWZZWF_z7
last-modified
Thu, 17 Aug 2023 07:06:32 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P4
x-amz-server-side-encryption
AES256
etag
W/"c975d182c957a3133a517c956d5e304a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
NQoRcRnelsxOTmy-T_bsCesjzz2S8CHqryTmKuYU1JJcJBWHSBN3Eg==
lngtd-config
conf.lngtd.com/ 		22 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://conf.lngtd.com/lngtd-config?account=kooora&section=homepage
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.222.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-222-254.compute-1.amazonaws.com
Software
/
Resource Hash
fe247ede4c69957697a5e04b66fae6c33cd5038264d780e7c19fd13cfba05ecf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:48:59 GMT
cache-control
public, max-age=1800
content-length
22644
apigw-requestid
Jzz2ZiuEIAMESuw=
access-control-allow-methods
*
content-type
application/json
41a7b62bc29ca5de31708e1d02dec74387a9.js
roseincome.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roseincome.com/41a7b62bc29ca5de31708e1d02dec74387a9.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
fed8ec58ee078cf1b2f6ce4ba192991ce05d26a1d9fecf306ca9042bb32d6d7d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 17 Aug 2023 14:49:00 GMT
x-datacenter
gce-us-central1
etag
"759126bd133c366ab48315662db1a02f83417ca52fc7620ca8187c6703df632e"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-central1-kd5m
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
969809724
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
cdn.permutive.com/ 		865 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3837f1faaca0e78be81c2a2946152fbcfaf5fa126aa3d50dba51833d8764e2f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
f3a06674-ebb9-4b9d-ba8f-0052018c0687
age
0
x-guploader-uploadid
ADPycdv7gEGpUxrRIkGUVR2_aooPqD2mtLyoLsYwOdwq3EhxNtJjt_LQtuv9N0CcQeZ9D8mEqANhvYbeeICppsyfxMk8jC6Zdt23
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 03 Aug 2023 11:52:50 GMT
server
cloudflare
etag
W/"4289c4decc59e2059b40ea0f8c040866"
vary
Accept-Encoding
x-goog-generation
1691063570082707
content-type
application/javascript
x-goog-hash
crc32c=PJOKYg==, md5=QonE3sxZ4gWbQOoPjAQIZg==
cache-control
public, max-age=900
x-goog-stored-content-length
254606
timing-allow-origin
*
cf-ray
7f82b89ee9f9a20b-YYZ
expires
Thu, 17 Aug 2023 15:04:00 GMT
sync
spadsync.com/ 		0
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spadsync.com/sync?sptoken=0ea839a7-38dd-4511-8c8e-4d833beb06aa92ee&sspid=Cg7&pubid=choueiri&ssphost=www.kooora.com
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.50.69 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-50-69.eu-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://www.kooora.com
date
Thu, 17 Aug 2023 14:48:59 GMT
server
openresty
sdk.js
connect.facebook.net/ar_AR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
24507d561f29021a7c493bfe6440af03487e2c394e89674a9fa6f944ecdf5f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Aug 2023 14:49:00 GMT
content-md5
XqS4mxYDkvMcVXn1XIaEGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
OS8IdBjXIe1JzEFMdrwiG8DNUoBSfrF5IyFuJinax4z9MEoqyABKYuWmlgDVKnbY7pCIdR7UHDaUSejdmBdn4w==
x-fb-content-md5
04ad32f759a67edd1ae7401acc5fdf68
cross-origin-opener-policy
same-origin-allow-popups
etag
"c44cec706fa21faa30bda098cd764517"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:58:12 GMT
fbevents.js
connect.facebook.net/en_US/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 17 Aug 2023 14:49:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47245
x-xss-protection
0
pragma
public
x-fb-debug
1PY5NDQMy8W5ZXnBVlFVkjhVlWvzK8yVHDSbZUylrVhYhtTsq8PKAyPvLCFfNFYMENiIN1bvgmXrGZZWLL9WCQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
spadsync.com/ 		0
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spadsync.com/sync?sptoken=8cda9897-caab-4f64-96e1-4fef138c9da0a6b2&sspid=Cg7&pubid=choueiri&ssphost=www.kooora.com
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.50.69 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-50-69.eu-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://www.kooora.com
date
Thu, 17 Aug 2023 14:48:59 GMT
server
openresty
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/36390024/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 06:26:26 GMT
content-encoding
gzip
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
30155
etag
W/"77ff4ede4693897337a38594321529a3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
NHxZYb5jXUfNI8gMltLd1LPRpZxUABIyylWyhMO7cc2Ep7lR6ertDQ==

Redirect headers

date
Thu, 17 Aug 2023 14:49:00 GMT
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
UO_O1SfqAZMaApEvGaRtNzXdaMcjZQHveQmK6lm67_r6MTsdTIzoRQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Aug 2023 14:37:29 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
691
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 17 Aug 2023 16:37:29 GMT
/
www.kooora.com/ 		16 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kooora.com/?vc=true&_=1692283739737
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b7ddf5460c497d2e6e4493a396d369647901d15888348e66673e293cff4439f1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
*/*
Referer
https://www.kooora.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:48:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLV4SYj9BH3%2BEMwEGFPlMh%2B6JCA%2BGhAW21TLLt3gCu1oghA4WYH1WNh6%2FE%2BhLWbRsqVHcjhvs5uyLNKau%2B%2FN6DcgCUfS7z38AOg905ysiDLlvZ2RlCljoPFkzUbcW2lb"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=windows-1256
cache-control
private
cf-ray
7f82b89ddbbda241-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Aug 2022 14:48:59 GMT
gtm.js
www.googletagmanager.com/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJ3FSNX
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e4918ba21a35f9c5e2a72693273900cdd74835af7df83fb9e32b7e68c4f5448a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44106
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Aug 2023 14:49:00 GMT
ad00f84c906543767a696e49e74855eee99b-prod.js
roseincome.com/static/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roseincome.com/static/ad00f84c906543767a696e49e74855eee99b-prod.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
c031f2b0c1259ff4d30c233c8fa3c688714db6f7d5028a1721280638ecc8eb29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 17 Aug 2023 14:49:00 GMT
x-datacenter
gce-us-central1
etag
"759126bd133c366ab48315662db1a02f83417ca52fc7620ca8187c6703df632e"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-central1-kd5m
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
969809724
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
iframe.html
z.moatads.com/hd09824092/ Frame 3713 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3166
content-length
1374
content-type
text/html
date
Thu, 17 Aug 2023 14:49:00 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
hQ76LONt8Z0+0gvX3A4RyhSAR+G2Z6t19zCkHXVFoPjEF/LsnPK0v5GFk/w7HR+V18HzBhT8pKE=
x-amz-request-id
7C72C67561922266
970x250.png
o.kooora.com/banners/placeholders/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/banners/placeholders/970x250.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb030e7ebc773fd11b72e8b2c0ce7b0dac04230b6c9d22831d70524f48501f99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 May 2023 20:52:20 GMT
etag
"774dc6cfdc85d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1336302
accept-ranges
bytes
content-length
8986
expires
Sat, 02 Sep 2023 02:00:42 GMT
Search.png
o.kooora.com/e/ 		426 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/Search.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbdd4d36da7aa04541ebbdfe2e46218731068fe5710610876cecf87f4fbfca74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:53 GMT
etag
"7f514d112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589790
accept-ranges
bytes
content-length
426
expires
Sat, 16 Sep 2023 14:12:10 GMT
Mobile_header_icon.png
o.kooora.com/e/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/Mobile_header_icon.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
560b034f57d218c339e87f189507520b350ee0cadc412fe2ceb36ec7c32a1031
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:52 GMT
etag
"8ef998d012d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589727
accept-ranges
bytes
content-length
2081
expires
Sat, 16 Sep 2023 14:11:07 GMT
/
www.kooora.com/ 		16 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kooora.com/?vc=true&_=90834992
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b7ddf5460c497d2e6e4493a396d369647901d15888348e66673e293cff4439f1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aM3LDQ5ZXDxB6w7szMZNxS4qP6MyaER1OD3H8SdQdOmtzOGC5tm%2B8mnykLnlHHivN1sinmm8i6UY5Oc6ZjAhvdUO4NP7Z%2FLFhmAll2CUzMiC8HT4qZKmCesS0MGuWnA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=windows-1256
cache-control
private
cf-ray
7f82b89f0ec6a247-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Aug 2022 14:49:00 GMT
/
www.kooora.com/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.kooora.com/?lnews=ca
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.8.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bdf6271d34a5efc5e5160859c18bc9e212db482537ed07c99646ece55733060c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options Deny

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 17 Aug 2023 14:48:55 GMT
server
cloudflare
x-frame-options
Deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6igL9PqQ3hGKPFuqKqIeGwcV%2B3wy7Xly1DV2KqljBgIcLzC6iwSwnSLmeDDKqXTH%2FPtSx5nEPiFsz5vUAUYJX1TW9hapLRPKEQqrWF7qlYZAfq2Tbc7SO89iZpSgfB%2F1"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=windows-1256
vary
Accept-Encoding
cache-control
private
cf-ray
7f82b89f1ed6a247-YYZ
expires
Wed, 17 Aug 2022 14:48:55 GMT
/
img.kooora.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=katkotati%2fcup%2fsupercupgermany.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
682aadade7d52d94f7c2f6bd5038085bfcd36cc8c9697c157d7aa92e1f019d37

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
katkotati,cup,supercupgermany.gif
cache-control
public, max-age=30815573
content-disposition
filename="katkotati_cup_supercupgermany.gif"
content-length
15938
expires
Thu, 08 Aug 2024 06:41:53 GMT
/
img.kooora.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f25%2f604%2fking-salman-champion-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8033130618036a0bca81727ac74ec14ffe1872e0b3ed17206473f5489b8e0ab4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,25,604
cache-control
public, max-age=25569366
content-disposition
filename="o_l_25_604_king-salman-champion-1.png"
content-length
7047
expires
Sat, 08 Jun 2024 13:25:06 GMT
/
img.kooora.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=ohatta%2fchampionships%2fuefa_super_cup_2020.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24a63e68ee71cc18a1881114eba33be36f068d200b530f03fa7eadca882c62db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
ohatta,championships,uefa_super_cup_2020.gif
cache-control
public, max-age=25742463
content-disposition
filename="ohatta_championships_uefa_super_cup_2020.gif"
content-length
31512
expires
Mon, 10 Jun 2024 13:30:03 GMT
/
img.kooora.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f20%2f463%2ffifa-womens-world-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4d58e9682386fdfde490b7752064a185c7714adc1dbdcc3961c25911c1cd500

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,20,463
cache-control
public, max-age=24723741
content-disposition
filename="o_l_20_463_fifa-womens-world-1.png"
content-length
5829
expires
Wed, 29 May 2024 18:31:21 GMT
/
img.kooora.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=omar_a%2fkooora%2f2017-05-29_202525.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65953a5e75860eab32e10e5525a95f5fcd624b1e20f5b57956b00966619d3660

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
omar_a,kooora,20170529
cache-control
public, max-age=30813653
content-disposition
filename="omar_a_kooora_2017-05-29_202525.jpg"
content-length
12541
expires
Thu, 08 Aug 2024 06:09:53 GMT
/
img.kooora.com/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=katkotati%2fcup%2ffashield.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23d8244b38a93e5ea52302f08a414a58432623738ef4c423d76d9a0408386f64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
katkotati,cup,fashield.gif
cache-control
public, max-age=30293719
content-disposition
filename="katkotati_cup_fashield.gif"
content-length
27015
expires
Fri, 02 Aug 2024 05:44:19 GMT
/
img.kooora.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=kooora_logo%2fsouthamerica%2flib.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
218beee6ace97fe31856f3d4782c23b31880a8bb38b4e205bad87bb1c4a70860

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
kooora_logo,southamerica,lib.gif
cache-control
public, max-age=24146804
content-disposition
filename="kooora_logo_southamerica_lib.gif"
content-length
16666
expires
Thu, 23 May 2024 02:15:44 GMT
/
img.kooora.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=kooora_logo%2fsouthamerica%2fcontinental%2fconmebol.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dae4ef0191b2cb2bcaf25e7e6e2e7379b8ca950d14f1e421bb4d3b48333d74a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
kooora_logo,southamerica,continental,conmebol.gif
cache-control
public, max-age=23660339
content-disposition
filename="kooora_logo_southamerica_continental_conmebol.gif"
content-length
22753
expires
Fri, 17 May 2024 11:07:59 GMT
/
img.kooora.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f26%2f220%2fleagues-cup-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c96e566bf246c4e23778b1618021b7a24dd1107fa93779df21ac41504d6910f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,26,220
cache-control
public, max-age=29575725
content-disposition
filename="o_l_26_220_leagues-cup-1.png"
content-length
4578
expires
Wed, 24 Jul 2024 22:17:45 GMT
/
img.kooora.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f25%2f728%2fasian-olympic-qualif-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffac7ebdc410a95636577bf7dc7e0863690454098fef4ad62f90acb8cba3c234

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,25,728
cache-control
public, max-age=25793319
content-disposition
filename="o_l_25_728_asian-olympic-qualif-1.png"
content-length
7849
expires
Tue, 11 Jun 2024 03:37:39 GMT
/
img.kooora.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f26%2f153%2fafrican-olympic-qual-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d86ac0dc015d472382f5dc97c9ce7637b3b2957a58c22713f3dfd79ab60e60f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,26,153
cache-control
public, max-age=28274351
content-disposition
filename="o_l_26_153_african-olympic-qual-1.png"
content-length
7500
expires
Tue, 09 Jul 2024 20:48:11 GMT
/
img.kooora.com/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=logo%2fsaudi_cup_2019.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d90089c8fc8f0daacb8b0a1e616b8f546eac289f26bd63a59eec8e554a9427a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
logo
cache-control
public, max-age=24207252
content-disposition
filename="logo_saudi_cup_2019.jpg"
content-length
5575
expires
Thu, 23 May 2024 19:03:12 GMT
/
img.kooora.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=ohatta%2fchampionships%2ffifa.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
73ef45eb43ca353ddd90aaf3d3a7e7e25d480c47c5eb5888be4adb39bf4c03dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
ohatta,championships
cache-control
public, max-age=24557931
content-disposition
filename="ohatta_championships_fifa.jpg"
content-length
2019
expires
Mon, 27 May 2024 20:27:51 GMT
/
img.kooora.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f23%2f943%2fsupercoppa-italiana-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8929f8dd8d5f2cd5e2c11219f75e4bbd852f041a44f7372c3d68bc650452e57a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,23,943
cache-control
public, max-age=25756678
content-disposition
filename="o_l_23_943_supercoppa-italiana-1.png"
content-length
4378
expires
Mon, 10 Jun 2024 17:26:58 GMT
/
img.kooora.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=kooora_logo%2feurope%2fspain%2fspasupcopa.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8b2dee5b1bc15ab229951b9fe6d23214c0cc6031e70c9a5e17abf9c9f7fb081

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
kooora_logo,europe,spain,spasupcopa.gif
cache-control
public, max-age=25162871
content-disposition
filename="kooora_logo_europe_spain_spasupcopa.gif"
content-length
20672
expires
Mon, 03 Jun 2024 20:30:11 GMT
/
img.kooora.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f17%2f129%2f2022-fifa-world-3.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6398f2d93e914fddd56f93b3369915d696a8e3d4c89aecd1f342988f984d6d51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,17,129
cache-control
public, max-age=25585177
content-disposition
filename="o_l_17_129_2022-fifa-world-3.png"
content-length
6767
expires
Sat, 08 Jun 2024 17:48:37 GMT
/
img.kooora.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2fl%2f22%2f308%2fasian-nations-cup-3.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
878212a585911ada9a6eba449fb3333582d083a246cd0eed9f84ea4e6f293a9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,l,22,308
cache-control
public, max-age=25185449
content-disposition
filename="o_l_22_308_asian-nations-cup-3.png"
content-length
5343
expires
Tue, 04 Jun 2024 02:46:29 GMT
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74ebe79b169c396871565d4737d1ca8827be84bda482995fd36b9bcb4394179f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
ca.png
o.kooora.com/e/4/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/4/ca.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad885afa26d8fa3ba3bac0bc70f6c8ece88b7f73293b38b9e26a5379a51b8209
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:46:40 GMT
etag
"26f794011d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589769
accept-ranges
bytes
content-length
2272
expires
Sat, 16 Sep 2023 14:11:49 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.215 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 24 Aug 2023 14:49:00 GMT
tag
btloader.com/
Redirect Chain
  • https://longitudeads-com.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=longitudeads-com&upapi=true
17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=longitudeads-com&upapi=true
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Server
104.26.6.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
692704a621ff1feb0954be8fc268f40359a90519d7795dece220c29aae41a071

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 14:15:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1974
etag
W/"f5920ddb4ea7c566d353fbaf0ee9e85f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Npox%2Fku3hAfU8g5uHTkgJWnoZxqZM2BFpzHlObejJY%2BiDIQFbZISRKlGIpsTRvqsj73fWxidG2K4xxbAaV%2BzPHC5p4YBDVyMyPn9faQPG0VX9mIQheR75phT9wlIrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7f82b8a1fdff369f-YYZ

Redirect headers

date
Thu, 17 Aug 2023 14:49:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdsM9xAjhh8fwMm33guCNS25rTdGUeQOLiUa9eFT0lZKJOl7nmGDJiOxMliSpQ4wMxIJSec%2Bfc9GV7jlrIvcmvWoMupiKfICd5JUzTdxyEnuFmTZRtUoFEdmKS931aqfjyYEIa4I3V1iqiNusEpvltJL0klG"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=longitudeads-com&upapi=true
cache-control
max-age=3600
cf-ray
7f82b8a028325413-YYZ
expires
Thu, 17 Aug 2023 15:49:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e9431d9a9ebadd267267be72bcabc21039fb8865649de19a4613944529628741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28652
x-xss-protection
0
server
cafe
etag
207 / 19586 / 31077070 / config-hash: 12093722524017253248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:00 GMT
config.js
cdn.confiant-integrations.net/SVXr63cUhWrBQxT3n2dRXcBz1fU/gpt_and_prebid/ 		112 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/SVXr63cUhWrBQxT3n2dRXcBz1fU/gpt_and_prebid/config.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba786e351399f5c4b307d54d945242ced7e48707f52400f8f7ece6661b433599

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 12:19:34 GMT
server
cloudflare
x-amz-request-id
H5F5N94T4JXWKECG
age
284
etag
W/"2bddd6451add91ef3967e98e8c005ac2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7f82b8a03b97a20b-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
s4V8VuaqaWmf03XNwys7uRAGRVy7A1SOzsz5Vd+tjbITP5TevIKwmtw/u+veSdsH1wUfFbCK+Vc=
prebid7.42.1.min.js
p.lngtdv.com/prebid/ 		719 KB
229 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.36.24 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
137173278.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
aaee6a5b79cb0f31008080c26f2ffe014bb0456138f7187cab3eed8361abb135

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
76381
x-accel-date
1692207359
x-77-nzt
AZySJBYe7er/XSoBAA
x-accel-expires
@1692293759
last-modified
Wed, 17 May 2023 16:54:47 GMT
server
CDN77-Turbo
etag
W/"646506d7-b3ae6"
x-77-nzt-ray
1e192d0857406dd35c33de6430a8640e
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=86400
300x600.png
o.kooora.com/banners/placeholders/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/banners/placeholders/300x600.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
960d6b2a955f35475f2997a46ff2165b3348f60594c5b81d6acfb6382bbb489f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 May 2023 20:52:16 GMT
etag
"ae51fdccdc85d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1242613
accept-ranges
bytes
content-length
9427
expires
Thu, 31 Aug 2023 23:59:13 GMT
Clock.png
o.kooora.com/e/ 		377 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/Clock.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04b336e0ca2d8a39f204f683953291cef8a696f0d0a5b6eb56289f9ea4f29603
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:52 GMT
etag
"8ef998d012d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589720
accept-ranges
bytes
content-length
377
expires
Sat, 16 Sep 2023 14:11:00 GMT
leftArrow.png
o.kooora.com/e/ 		227 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/leftArrow.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91979a49f4bf0e057ca82e49aeac4e8d3e742dd2f605c968a0a7be89f7aab682
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:54 GMT
etag
"d61b6d212d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589765
accept-ranges
bytes
content-length
227
expires
Sat, 16 Sep 2023 14:11:45 GMT
yt.png
o.kooora.com/e/ 		350 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/yt.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b2d294d358e8c61554376dc0f96563380187cf9a6ace3de238624b99ba2ab17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:56 GMT
etag
"fb52c9d212d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589684
accept-ranges
bytes
content-length
350
expires
Sat, 16 Sep 2023 14:10:24 GMT
ig.png
o.kooora.com/e/ 		686 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/ig.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ed5d5dc3fdedd0964130484e9857e1c17e80e97492cda8aa9a2a4d1a70c1ce3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:54 GMT
etag
"b6ced8d112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589772
accept-ranges
bytes
content-length
686
expires
Sat, 16 Sep 2023 14:11:52 GMT
tw.png
o.kooora.com/e/ 		579 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/tw.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e7d368e372bf829321cbf24654ad15d9165e5b05b1fe245c68102cf68b52583
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:55 GMT
etag
"164197d212d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589699
accept-ranges
bytes
content-length
579
expires
Sat, 16 Sep 2023 14:10:39 GMT
fb.png
o.kooora.com/e/ 		407 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/fb.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d17ccefe4f8f44c3aff6a95fad87bededaaf6a57fd4afaf062bc2d2c010310a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:54 GMT
etag
"a9f3a8d112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589794
accept-ranges
bytes
content-length
407
expires
Sat, 16 Sep 2023 14:12:14 GMT
tk.png
o.kooora.com/e/ 		627 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/tk.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ff1a4fe45ba132fcadbd101aee08f6907fead47bc9f72ff72eba286599a08ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:55 GMT
etag
"beb86ed212d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589723
accept-ranges
bytes
content-length
627
expires
Sat, 16 Sep 2023 14:11:03 GMT
/
img.kooora.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f739%2falkhaleej-2.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
959c60ac8e864e0ef78f716ef18bf9dc455d5fe616b3e47dd151abf5ba99ce9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,739
cache-control
public, max-age=24007752
content-disposition
filename="o_t_0_739_alkhaleej-2.png"
content-length
8108
expires
Tue, 21 May 2024 11:38:12 GMT
/
img.kooora.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=teams%2fsaudi%2fahl.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f332c37a7098bab5fbf85983f7b75f3b2c68c502e09c580e6cda5dc988936c15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
teams,saudi
cache-control
public, max-age=24012985
content-disposition
filename="teams_saudi_ahl.jpg"
content-length
23687
expires
Tue, 21 May 2024 13:05:25 GMT
/
img.kooora.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f1%2f266%2fdamac-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b0f5cbceaebb5151025acb929052d8514ec902d485ec38bd9ba963e9713399f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,1,266
cache-control
public, max-age=30809074
content-disposition
filename="o_t_1_266_damac-1.png"
content-length
9355
expires
Thu, 08 Aug 2024 04:53:34 GMT
/
img.kooora.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f148%2fal-riyadh-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6bee8a92697b6c2d57ad32724d8e64fd2e6e17e3a423710c0b2a099ab7d985e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,148
cache-control
public, max-age=30849197
content-disposition
filename="o_t_0_148_al-riyadh-1.png"
content-length
9064
expires
Thu, 08 Aug 2024 16:02:17 GMT
/
img.kooora.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=katkotati%2fequipe%2fqatar%2fqatar.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9db45058be1372929cdbec61e407319afe334c86bb673d76c13a497c5bf7d42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
katkotati,equipe,qatar.gif
cache-control
public, max-age=27285408
content-disposition
filename="katkotati_equipe_qatar_qatar.gif"
content-length
38096
expires
Fri, 28 Jun 2024 10:05:48 GMT
/
img.kooora.com/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=katkotati%2fequipe%2fqatar%2fgharaf.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c88436a98cb29f7c462815192d5b8b6f03c02d750f6f92cde755296ef4d34af7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
katkotati,equipe,qatar,gharaf.gif
cache-control
public, max-age=27285408
content-disposition
filename="katkotati_equipe_qatar_gharaf.gif"
content-length
30735
expires
Fri, 28 Jun 2024 10:05:48 GMT
/
img.kooora.com/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=clubs_logo%2fjordan%2fal-ahli_logo.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac15d285f8a25e4ac97d61cd24be6a063dd44459d09c7856410a9adfbde77184

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
clubs_logo,jordan,alahli_logo.gif
cache-control
public, max-age=25294789
content-disposition
filename="clubs_logo_jordan_al-ahli_logo.gif"
content-length
19791
expires
Wed, 05 Jun 2024 09:08:49 GMT
/
img.kooora.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=clubs_logo%2fjordan%2fsahab_logo.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9ef5925ffe2a1de47d6a9d3d98f34a0e2d8c774382775275e999c1f50bcf2b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
clubs_logo,jordan,sahab_logo.gif
cache-control
public, max-age=26626916
content-disposition
filename="clubs_logo_jordan_sahab_logo.gif"
content-length
26114
expires
Thu, 20 Jun 2024 19:10:56 GMT
truncated
/ 		164 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c47ea17bb6135de74405fcc9516a888c5a0b45c33166bae448a64e5072c0f562

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
img.kooora.com/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=epa%2fsoccer%2f2023-08%2f2023-08-11%2f2023-08-11-10795718_epa.jpg&z=570|320&c=0|20|800|451&h=2399
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e95168dccc8edd7ab145eb4b964725a594edf74155ec7cb6c0497568be5bf3cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
epa,soccer,20230811
cache-control
public, max-age=31515367
content-disposition
filename="epa_soccer_2023-08_2023-08-11_2023-08-11-10795718_epa.jpg-c0-20-800-451-s570-320"
content-length
40330
expires
Fri, 16 Aug 2024 09:05:07 GMT
/
img.kooora.com/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230531%2f20230531-afp_33gp4ke_afp.jpg&z=570|320&c=0|48|800|451&h=5208
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05c921ba6dfc4db4831582a4ad6b9fbbe85a17d7b47fab7ba37f8f1f2838830c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230531a
cache-control
public, max-age=31526568
content-disposition
filename="afp_20230531_20230531-afp_33gp4ke_afp.jpg-c0-48-800-451-s570-320"
content-length
56089
expires
Fri, 16 Aug 2024 12:11:48 GMT
/
img.kooora.com/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230814%2f20230814-1614253727_afp.jpg&z=570|320&c=0|13|800|451&h=5040
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cde6ac2dd164bbac541b2810b5f0d57323476cd2e16663e60d3d7475024e5b5f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,202308141
cache-control
public, max-age=31528642
content-disposition
filename="afp_20230814_20230814-1614253727_afp.jpg-c0-13-800-451-s570-320"
content-length
20786
expires
Fri, 16 Aug 2024 12:46:22 GMT
/
img.kooora.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=amr11%2fgraphics.00_02_17_22.still001.jpg&z=570|320&c=0|0|1280|719&h=2760
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1900c0a2e68c2af6b11c45334ea4315ee78efd906aa33d67b890ea108912c3dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
amr11
cache-control
public, max-age=31517322
content-disposition
filename="amr11_graphics.00_02_17_22.still001.jpg-c0-0-1280-719-s570-320"
content-length
14592
expires
Fri, 16 Aug 2024 09:37:42 GMT
/
img.kooora.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230604%2f20230604-afp_33gy6pv_afp.jpg&z=570|320&c=0|56|800|451&h=1622
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1634af52891cf2cb3f5427af828af3bffc79d29607d4b2bc0ef8f750bd6c10f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230604a
cache-control
public, max-age=31524555
content-disposition
filename="afp_20230604_20230604-afp_33gy6pv_afp.jpg-c0-56-800-451-s570-320"
content-length
17984
expires
Fri, 16 Aug 2024 11:38:15 GMT
/
img.kooora.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=epa%2fsoccer%2f2023-07%2f2023-07-29%2f2023-07-29-10776163_epa.jpg&z=570|320&c=0|27|800|451&h=7978
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3125379545cb52e31916686d279a798c62a79717f8d3a462fee2fe1f7b345198

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
epa,soccer,20230729
cache-control
public, max-age=31520348
content-disposition
filename="epa_soccer_2023-07_2023-07-29_2023-07-29-10776163_epa.jpg-c0-27-800-451-s570-320"
content-length
18528
expires
Fri, 16 Aug 2024 10:28:08 GMT
/
img.kooora.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230816%2f20230816-afp_33r896m_afp.jpg&z=570|320&c=0|41|793|447&h=1545
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c76c0d7bffa3322d701e53e12b7041017a5f3d98cbc58950474e069159b61c80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230816a
cache-control
public, max-age=31525990
content-disposition
filename="afp_20230816_20230816-afp_33r896m_afp.jpg-c0-41-793-447-s570-320"
content-length
17428
expires
Fri, 16 Aug 2024 12:02:10 GMT
/
img.kooora.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=m..m%2flhaam.jpg&z=570|320&c=0|0|1021|575&h=254
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3469cc8aeae322d73539d67f6875b8ca89ace6e86634acb40f08c6af20119c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
m..m
cache-control
public, max-age=31459448
content-disposition
filename="m..m_lhaam.jpg-c0-0-1021-575-s570-320"
content-length
13623
expires
Thu, 15 Aug 2024 17:33:08 GMT
shahidvip_07.jpg
o.kooora.com/banners/shahid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/banners/shahid/shahidvip_07.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4642e729ba10cd03cedcec9abfcb8b59ee68933207970e77143d9c3d0e2b815
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Aug 2023 11:39:55 GMT
etag
"1575cdedc9d91:0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1803832
accept-ranges
bytes
content-length
4407
expires
Thu, 07 Sep 2023 11:52:52 GMT
/
img.kooora.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=corr%2f472%2fkoo_472660.jpg&z=570|320&c=0|0|600|338&h=4461
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cbfc5b597e2c8aa506247e588d4f0aabca9ae3bdbbecccd00a1e49cef86df8e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
corr,472
cache-control
public, max-age=31535174
content-disposition
filename="corr_472_koo_472660.jpg-c0-0-600-338-s570-320"
content-length
17972
expires
Fri, 16 Aug 2024 14:35:14 GMT
/
img.kooora.com/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=epa%2fsoccer%2f2023-08%2f2023-08-12%2f2023-08-12-10796271_epa.jpg&z=570|320&c=0|73|800|451&h=8696
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f751763bb6d0a18eab92ef9c19732211470b950f35c867e97f4e1e772fabfaf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
epa,soccer,20230812
cache-control
public, max-age=31531580
content-disposition
filename="epa_soccer_2023-08_2023-08-12_2023-08-12-10796271_epa.jpg-c0-73-800-451-s570-320"
content-length
35628
expires
Fri, 16 Aug 2024 13:35:20 GMT
/
img.kooora.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230812%2f20230812-afp_33r492x_afp.jpg&z=570|320&c=0|0|800|451&h=1661
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d078baaab13a22fb916997d262db5d0e4d9f6a2334ec28e6489763af6c96fa75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230812a
cache-control
public, max-age=31278985
content-disposition
filename="afp_20230812_20230812-afp_33r492x_afp.jpg-c0-0-800-451-s570-320"
content-length
33053
expires
Tue, 13 Aug 2024 15:25:25 GMT
segment
api.permutive.com/ctx/v1/ 		46 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/ctx/v1/segment?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
74694df397a6bf27ab13b130fef7748305116fa05960a7a9f1507dd8fe9c46c1

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
content-type
application/json
invisible.js
www.kooora.com/cdn-cgi/challenge-platform/scripts/ Frame E742 		0
0
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81B3) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:00 GMT
Content-Encoding
gzip
Age
1179
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (cha/81B3)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
live.json
ktv.kooora.ws/ 		2 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ktv.kooora.ws/live.json
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 07:01:32 GMT
server
cloudflare
x-aspnet-version
4.0.30319
age
274
vary
Accept, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7f82b8a15ac8a229-YYZ
alt-svc
h3=":443"; ma=86400
xgemius.js
gaae.hit.gemius.pl/ 		0
0
shadow-black.png
o.kooora.com/e/ 		984 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/shadow-black.png
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/aw2.css?rev=585&ch=4439
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b68d489b23f997bb7149ebedd970825581bed954ab2e902eeade00b4c651736e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://o.kooora.com/aw2.css?rev=585&ch=4439
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:55 GMT
etag
"8d503cd212d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589838
accept-ranges
bytes
content-length
984
expires
Sat, 16 Sep 2023 14:12:58 GMT
eu.png
o.kooora.com/e/ 		372 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/eu.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
195dbefc2d69570380eaa910f894c45a32c267d4612e6e539463d28ae875ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:53 GMT
etag
"586b80d112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589752
accept-ranges
bytes
content-length
372
expires
Sat, 16 Sep 2023 14:11:32 GMT
es.png
o.kooora.com/e/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/es.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
877351236b1f2ac8d0a548ccff57d558bd71b9e551b74bcd6eeadeb4a301a0a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:53 GMT
etag
"94a67bd112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589685
accept-ranges
bytes
content-length
1047
expires
Sat, 16 Sep 2023 14:10:25 GMT
it.png
o.kooora.com/e/ 		372 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/it.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20cf0586f837d1a2b4dea3b96722ed042096afcbc82de8c63acd3224a1e9f5b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:54 GMT
etag
"7993ddd112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589671
accept-ranges
bytes
content-length
372
expires
Sat, 16 Sep 2023 14:10:11 GMT
en.png
o.kooora.com/e/ 		368 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/en.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca15c10d1dcd0eb0d241f1ea17f5391c7c0a14228f28557a10456afe69b7e260
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:53 GMT
etag
"17f74bd112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589803
accept-ranges
bytes
content-length
368
expires
Sat, 16 Sep 2023 14:12:23 GMT
de.png
o.kooora.com/e/ 		352 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/de.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4011d1cca56b8e58a333c4c4e05bf7d14978c0abb3da7a3a8761e6bdf56628fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Jun 2023 10:21:22 GMT
etag
"658cdcb97a2d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589775
accept-ranges
bytes
content-length
352
expires
Sat, 16 Sep 2023 14:11:55 GMT
fr.png
o.kooora.com/e/ 		319 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/fr.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24f6cc97f74939720de02adcb49ffd9a04189c5b547e775b7308cf2ed21f4288
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:54 GMT
etag
"68b8add112d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589743
accept-ranges
bytes
content-length
319
expires
Sat, 16 Sep 2023 14:11:23 GMT
nl.png
o.kooora.com/e/ 		442 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/nl.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
894b713e7a1cf5b2c8276d264e241a9e55e291dc6f5d6eb3c850eb551a575bd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 14:04:39 GMT
etag
"7092fc313d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589671
accept-ranges
bytes
content-length
442
expires
Sat, 16 Sep 2023 14:10:11 GMT
pt.png
o.kooora.com/e/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.kooora.com/e/pt.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b55bc0dd548369b55806c374e7837f61c0b6d0c4f4df9aa99369239b06a84137
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 13:57:55 GMT
etag
"8d503cd212d1d91:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2589686
accept-ranges
bytes
content-length
1937
expires
Sat, 16 Sep 2023 14:10:26 GMT
/
img.kooora.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f71%2freal-madrid-cf-3.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44a7b42d08cf6b05d2cf15801f2f4705efe96b5f71f8cc3c63bc78b8f2ac04ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,71
cache-control
public, max-age=24147160
content-disposition
filename="o_t_0_71_real-madrid-cf-3.png"
content-length
7887
expires
Thu, 23 May 2024 02:21:40 GMT
/
img.kooora.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=kooora_logo%2fteams%2fspain%2ffc+barcelona.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6cf457ec76b0dac33403f4fccddadbadae0623749919ebb20a9e9b787da7ab6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
kooora_logo,teams,spain,fc barcelona.gif
cache-control
public, max-age=24147144
content-disposition
filename="kooora_logo_teams_spain_fc barcelona.gif"
content-length
9195
expires
Thu, 23 May 2024 02:21:24 GMT
/
img.kooora.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=ashrafzamrani%2fatletico+madrid+.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6936ea19849e01173fad2dce719bf902cd609ea52610e2a14ede6496082cb4a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
ashrafzamrani
cache-control
public, max-age=24142979
content-disposition
filename="ashrafzamrani_atletico madrid .jpg"
content-length
3991
expires
Thu, 23 May 2024 01:11:59 GMT
/
img.kooora.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2fmanchester_united.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b49e0b22df428d572f37cc586c66682ff5dff1b038a49c4e556f660c38a24041

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
teams,england,2014,2015
cache-control
public, max-age=25175021
content-disposition
filename="teams_england_2014_2015_manchester_united.gif"
content-length
8219
expires
Mon, 03 Jun 2024 23:52:41 GMT
/
img.kooora.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=ohatta%2fteam_logo%2feurope%2fengland%2fmanchester_city_2016.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d22c3d0a5bdd32c0b05ab3f6fd442c74d37042253e0ba76418cb4b8a5a777bfc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
ohatta,team_logo,europe,england
cache-control
public, max-age=26194656
content-disposition
filename="ohatta_team_logo_europe_england_manchester_city_2016.jpg"
content-length
7263
expires
Sat, 15 Jun 2024 19:06:36 GMT
/
img.kooora.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=ohatta%2fteam_logo%2feurope%2fengland%2farsenal.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03d36f8b41f20219fb222c0250db69532a702571a63fedf8df1e808e7d1fe0f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
ohatta,team_logo,europe,england
cache-control
public, max-age=24120956
content-disposition
filename="ohatta_team_logo_europe_england_arsenal.jpg"
content-length
6964
expires
Wed, 22 May 2024 19:04:56 GMT
/
img.kooora.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2ftottenham_hotspur.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf6cf3591409e6fa7c59f75147ac9822d46e6ab3ac20b59d136e017762cc505f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
teams,england,2014,2015
cache-control
public, max-age=25963680
content-disposition
filename="teams_england_2014_2015_tottenham_hotspur.gif"
content-length
4082
expires
Thu, 13 Jun 2024 02:57:00 GMT
/
img.kooora.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2fchelsea_fc.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
42cc58d347935bf8465a7d64fd8c25400b4199cf6c9331efbf850c21a0a895eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
teams,england,2014,2015
cache-control
public, max-age=25491796
content-disposition
filename="teams_england_2014_2015_chelsea_fc.gif"
content-length
8042
expires
Fri, 07 Jun 2024 15:52:16 GMT
/
img.kooora.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=teams%2fengland%2f2014%2f2015%2fliverpool_fc.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3998bebacda90512287b2d33014765af10be08a50ebefd87903c6c8a020efc4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
teams,england,2014,2015
cache-control
public, max-age=24146870
content-disposition
filename="teams_england_2014_2015_liverpool_fc.gif"
content-length
7687
expires
Thu, 23 May 2024 02:16:50 GMT
/
img.kooora.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f31%2fjuventus-fc-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc2e6ce019b19fe24e71cda095021ad782b90dfbaefb9aa6c2c5aa972b02b393

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,31
cache-control
public, max-age=26353566
content-disposition
filename="o_t_0_31_juventus-fc-1.png"
content-length
4389
expires
Mon, 17 Jun 2024 15:15:06 GMT
/
img.kooora.com/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=italy2015%2fac+milan.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
269d71007931b5e0f88629938943f4d936455963c75aca95ccc8bf0212aff52b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
italy2015,ac milan.gif
cache-control
public, max-age=25830706
content-disposition
filename="italy2015_ac milan.gif"
content-length
5550
expires
Tue, 11 Jun 2024 14:00:46 GMT
/
img.kooora.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=ashrafmks%2froma.jpg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b6d4d5d1f8e53b2c01974480409d60f1044b01a01f5d7e52ef1de31233dd90c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
ashrafmks
cache-control
public, max-age=24308320
content-disposition
filename="ashrafmks_roma.jpg"
content-length
6131
expires
Fri, 24 May 2024 23:07:40 GMT
/
img.kooora.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f29%2finternazionale-milan-2.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ea7b825ce69a84589a7985fa53583fa1d15f0c18eb692788c1b8e045e0e6469

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,29
cache-control
public, max-age=23947787
content-disposition
filename="o_t_0_29_internazionale-milan-2.png"
content-length
9348
expires
Mon, 20 May 2024 18:58:47 GMT
/
img.kooora.com/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f84%2fborussia-dortmund-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb8c8a58fce0d02869d82360aa6f08625a262bb28c8b0273fa43388eadb8e75f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,84
cache-control
public, max-age=24147160
content-disposition
filename="o_t_0_84_borussia-dortmund-1.png"
content-length
33935
expires
Thu, 23 May 2024 02:21:40 GMT
/
img.kooora.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f83%2ffc-bayern-munich-4.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94c9982c1d90a77ca62b84a0f734b9b9cbb8fa71815afe640ec12bacc9a77826

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,83
cache-control
public, max-age=25755788
content-disposition
filename="o_t_0_83_fc-bayern-munich-4.png"
content-length
3689
expires
Mon, 10 Jun 2024 17:12:08 GMT
/
img.kooora.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=o%2ft%2f0%2f93%2ffc-schalke-04-1.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c38789cc6e1e9944042b6b8f9733268a19271113edc9a54bbf9ca39348989062

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/png
cache-tag
o,t,0,93
cache-control
public, max-age=26151301
content-disposition
filename="o_t_0_93_fc-schalke-04-1.png"
content-length
6121
expires
Sat, 15 Jun 2024 07:04:01 GMT
/
img.kooora.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=kooora_logo%2fteams%2ffrance%2fligue1%2fparissaint-germain.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
255a2b3179669a9c85193653e69c78154b486da341891e01125a68c1cbb03348

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
kooora_logo,teams,france,ligue1
cache-control
public, max-age=26040014
content-disposition
filename="kooora_logo_teams_france_ligue1_parissaint-germain.gif"
content-length
12572
expires
Fri, 14 Jun 2024 00:09:14 GMT
/
img.kooora.com/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=kooora_logo%2fteams%2ffrance%2fligue1%2fas_monaco.gif
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e5c6157324ef5ee70300289ea0906a92c2672bbbf6548669f16e2ed441d55f95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/gif
cache-tag
kooora_logo,teams,france,ligue1
cache-control
public, max-age=26040020
content-disposition
filename="kooora_logo_teams_france_ligue1_as_monaco.gif"
content-length
27575
expires
Fri, 14 Jun 2024 00:09:20 GMT
/
img.kooora.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=epa%2fsoccer%2f2023-06%2f2023-06-04%2f2023-06-04-10673255_epa.jpg&z=570|320&c=0|16|800|451&h=4929
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34d1d11a74873097624404cf64022ffcb92322eea98e9a96124f450cd402180e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
epa,soccer,20230604
cache-control
public, max-age=31524503
content-disposition
filename="epa_soccer_2023-06_2023-06-04_2023-06-04-10673255_epa.jpg-c0-16-800-451-s570-320"
content-length
22703
expires
Fri, 16 Aug 2024 11:37:23 GMT
/
img.kooora.com/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230520%2f20230520-afp_33fn72m_afp.jpg&z=570|320&c=0|0|797|448&h=3982
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c35c80c916b3ffe07b752fbc917a02e76188e1536020b4bc07c30cee971240d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230520a
cache-control
public, max-age=31523123
content-disposition
filename="afp_20230520_20230520-afp_33fn72m_afp.jpg-c0-0-797-448-s570-320"
content-length
29114
expires
Fri, 16 Aug 2024 11:14:23 GMT
/
img.kooora.com/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=epa%2fsoccer%2f2022-03%2f2022-03-18%2f2022-03-18-09833263_epa.jpg&z=570|320&c=0|83|800|449&h=8885
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4d631e4f03d785a1e935cd31962cd80b394524cc7c3720cf0d43e3f9fbcbd03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
epa,soccer,20220318
cache-control
public, max-age=31506428
content-disposition
filename="epa_soccer_2022-03_2022-03-18_2022-03-18-09833263_epa.jpg-c0-83-800-449-s570-320"
content-length
19768
expires
Fri, 16 Aug 2024 06:36:08 GMT
/
img.kooora.com/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=amr_11%2fimage_6487327.jpg&z=570|320&c=0|0|1280|719&h=1959
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd22bfbffa133f578c671f1c8b09f562642c18d683c2d808449e3d39ed760630

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
amr_11
cache-control
public, max-age=31437236
content-disposition
filename="amr_11_image_6487327.jpg-c0-0-1280-719-s570-320"
content-length
27478
expires
Thu, 15 Aug 2024 11:22:56 GMT
/
img.kooora.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=amr11%2fwhatsapp+image+2023-08-14+at+18.07.58.jpg&z=570|320&c=0|0|1280|719&h=6492
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47ba7e111914cd75287c93e072b6354cf34f5e0d0d0809b510aba75699cbc708

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
amr11
cache-control
public, max-age=31430520
content-disposition
filename="amr11_whatsapp image 2023-08-14 at 18.07.58.jpg-c0-0-1280-719-s570-320"
content-length
17631
expires
Thu, 15 Aug 2024 09:31:00 GMT
/
img.kooora.com/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230816%2f20230816-afp_33rc3ue_afp.jpg&z=570|320&c=0|8|800|451&h=2933
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae0e057cbbdb9228ff2b0edf6f630ba7400626a488aee2c6ef54c1e22384819a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230816a
cache-control
public, max-age=31501879
content-disposition
filename="afp_20230816_20230816-afp_33rc3ue_afp.jpg-c0-8-800-451-s570-320"
content-length
51369
expires
Fri, 16 Aug 2024 05:20:19 GMT
/
img.kooora.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=epa%2fsoccer%2f2023-08%2f2023-08-12%2f2023-08-12-10797812_epa.jpg&z=570|320&c=0|0|800|449&h=9728
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55adf972ae894b7664aaa4cfad8cb1f591cfc9d875a6a9ad366479d12097e93c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
epa,soccer,20230812
cache-control
public, max-age=31506848
content-disposition
filename="epa_soccer_2023-08_2023-08-12_2023-08-12-10797812_epa.jpg-c0-0-800-449-s570-320"
content-length
23244
expires
Fri, 16 Aug 2024 06:43:08 GMT
/
img.kooora.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=mkandeel2%2f130%2f170.jpg&z=570|320&c=0|0|695|393&h=7426
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7527a0e40c25a9ba48530c7e277c54ef29a6297d0190fb1a66a69d9c9e4e6dec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
mkandeel2,130
cache-control
public, max-age=31526829
content-disposition
filename="mkandeel2_130_170.jpg-c0-0-695-393-s570-320"
content-length
17955
expires
Fri, 16 Aug 2024 12:16:09 GMT
/
img.kooora.com/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=albums%2fmatches%2f2434438%2f20230816-afp_33rb6r9_afp.jpg&z=570|320&c=0|33|800|451&h=8073
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
566ae979cccb2f7f10e77057cc66ed2ba8b45f812211174c4bfcde2bcea50966

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
albums,matches,2434438,20230816a
cache-control
public, max-age=31518365
content-disposition
filename="albums_matches_2434438_20230816-afp_33rb6r9_afp.jpg-c0-33-800-451-s570-320"
content-length
43819
expires
Fri, 16 Aug 2024 09:55:05 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=7764548_advertisement_
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-65.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 08:00:59 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 c0b8ad2b338051f9d0463eb8de3956ae.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
2184482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
2f65umLgscMvHHuQUFsVGvbi5lfGXf0iwpTt0qBCmLVZXYJwigAgjA==
1506063979515344
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1506063979515344?v=2.9.123&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
c21d1138a06d7535d2ddcbc0a4ee9f969eb767d1588add08f9c1959d9437bdb0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 17 Aug 2023 14:49:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89256
x-xss-protection
0
pragma
public
x-fb-debug
xxov2U2qrWNqFmUb1B60IbflfCJX3Zy6PCdDapgUSDxmqeoTzl1E96fkqDwbnX31xGuVIU0SOET3ZnPZGwDJkg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/ar_AR/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=41cb7cd1ab1c9d4d8bba676f38aad11a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
2298dd946d27de7d6853ec23e68b0772f6cf407e977bb3fd1e6abf97c75852af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.kooora.com/
Origin
https://www.kooora.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Aug 2023 14:49:00 GMT
content-md5
OtgmjW5idQmjCsxCIy/YBw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89128
x-fb-debug
jExc51b57rIbdRMECwasyl0ZSAo3n+gSq2iwc9Dkn+J1/9l7REx+6g60cDA4NkuyTFs6MICcbmqivIMcWS111Q==
x-fb-content-md5
39d52d7e8bd174bdbdaf1d12105efa7b
cross-origin-opener-policy
same-origin-allow-popups
etag
"b06e60fe3aeb5589ce945ff1b3bc5221"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 16 Aug 2024 13:55:50 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q2V3M512SC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3FSNX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
459b6cbe53e7b1587f39470f544d76b1a08cf3a271b71a960f54f8c0c9b98b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81813
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 17 Aug 2023 14:49:00 GMT
js
www.google-analytics.com/gtm/ 		122 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T24P46T&cid=157664921.1692283740
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
97214a8e0633cad3a16d3980417c251b252b9f63793fa1656e14bc7c30b218fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48700
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Aug 2023 14:49:00 GMT
/
img.kooora.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230202%2f20230202-afp_338d9h7_afp.jpg&z=570|320&h=8115
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1689a4ad9864da0946649d3f295a30b78d01dbfb2e9900b660882d5d3995298c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230202a
cache-control
public, max-age=31535867
content-disposition
filename="afp_20230202_20230202-afp_338d9h7_afp.jpg-s570-320"
content-length
22449
expires
Fri, 16 Aug 2024 14:46:47 GMT
/
img.kooora.com/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=reuters%2f2019-05-07%2f2019-05-07t204510z_1014676826_rc1dd1b02100_rtrmadp_3_soccer-champions-liv-fcb_reuters.jpg&z=570|320&c=27|29|549|310&h=6791
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
25a7efdd88fb12c342f6f65d0b981471131974ffcea292d4b3e247013f1f6a32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
reuters,20190507
cache-control
public, max-age=31534157
content-disposition
filename="reuters_2019-05-07_2019-05-07t204510z_1014676826_rc1dd1b02100_rtrmadp_3_soccer-champions-liv-fcb_reuters.jpg-c27-29-549-310-s570-320"
content-length
33361
expires
Fri, 16 Aug 2024 14:18:17 GMT
pxid
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/pxid?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4bd6ad3bfb279b72b49ec2e10cad1470e1535b22479dd63c33544c43313d5020

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
an-x-request-uuid
42aaf0f3-6eb3-42d0-ae7a-6d4a2c7b7282
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vod_data.json
ktv.kooora.ws/ 		260 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ktv.kooora.ws/vod_data.json
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6bdd917a692c1f858bedc2f1eef23f5fbeeab63e5d6c1fd4aec4e39b6aea3b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 09:36:49 GMT
server
cloudflare
x-aspnet-version
4.0.30319
age
273
vary
Accept, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=101
cf-ray
7f82b8a22be9a229-YYZ
alt-svc
h3=":443"; ma=86400
03a5bd0f-7e9c-45f0-94ae-1e0d2841307f
https://www.kooora.com/ 		724 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kooora.com/03a5bd0f-7e9c-45f0-94ae-1e0d2841307f
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c67e65fac427ec2291154e20834508b42da08c513b8853a546249ebe37ffb6e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
741118
Content-Type
7b70f06c-e232-4587-bde9-f3fa4f3347ed
https://www.kooora.com/ 		724 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kooora.com/7b70f06c-e232-4587-bde9-f3fa4f3347ed
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c67e65fac427ec2291154e20834508b42da08c513b8853a546249ebe37ffb6e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
741118
Content-Type
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=36390024&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692283740589&ns_c=windows-1256&c7=https%3A%2F%2Fwww.kooora.com%2F&c8=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36390024&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692283740589&ns_c=windows-1256&c7=https%3A%2F%2Fwww.kooora.com%2F&c8=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=36390024&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692283740589&ns_c=windows-1256&c7=https%3A%2F%2Fwww.kooora.com%2F&c8=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&c9=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
rPJXz-QYzTzAQcDHf7iF-rdN9oLye0FF_HtWxKygoSqdJ2_KVgs-_A==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 17 Aug 2023 14:49:00 GMT
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=36390024&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692283740589&ns_c=windows-1256&c7=https%3A%2F%2Fwww.kooora.com%2F&c8=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&c9=
content-length
0
x-amz-cf-id
76Ns0SKOJq6xTLF82CNorkEGKJx3HwteZ9SXqPbG2yaeONrjPi9Uqg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5065&u=https%3A%2F%2Fwww.kooora.com
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
Server /
Resource Hash
ba6ea77a207ef95520f3f1e20876ae516b04325660bb4ec1b45a79445a9a6bd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:54:02 GMT
via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
age
3298
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1656
x-amz-cf-id
Ib-MoMMzzYh93QI_TMZHXa5zygshWdylgd2pzA9uP7WlRtrSXP93aQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:01:16 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
49665
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
LlC98mryVMrLYJ3Ciw2CkndXQKtpDGhqIO-zOs_XQmpT1dRx2GSfVw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
65428
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 15 Aug 2024 20:38:32 GMT
embed-code-template.js
cdn.fcp.codes/embed-code-template/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fcp.codes/embed-code-template/embed-code-template.js
Requested by
Host: o.kooora.com
URL: https://o.kooora.com/nw2.js?rev=1865&ch=9209
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b459092a28043cab6e5d0d19e063658c8ece00a70564043569f9a5ae73349cbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 11:17:04 GMT
etag
"95cb649db76cb2773d9d35285b5546ba:1692271024.158365"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=160128
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2206
expires
Sat, 19 Aug 2023 11:17:48 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230817
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75f4ffa37f1248e72a8a1694f0ddda6a01e8a9de7762db4e5e45839577f898a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Aug 2023 14:49:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
38889
x-jsd-version
1.0.1784
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
835
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
etag
W/"63b-yzB+AVsdTJ7uVbjYg7uoqwfHXg0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		203 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5065&u=https%3A%2F%2Fwww.kooora.com%2F&pid=sD6ZcybSiRViU&cb=0&ws=1600x1200&v=23.630.1759&t=2000&slots=%5B%7B%22sd%22%3A%22Pushdown%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fbillboard%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22bottom_mpu%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fbottom_mpu%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22kooora-d-oop%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fhigh_impact%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22nbanner-dynamic%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Finfinity_banner%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22nbanner-dynamic2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Finfinity_banner_2%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22NativeArticle3%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fnativearticle3%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22NativeArticle7%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fnativearticle7%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22skin%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fskin%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22Leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Ftop_banner%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22MPU%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Ftop_mpu%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.180.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-180-227.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
a7cb19060141c7c2dec6266009a79cf953de799b6c4c8b317aec0db08ac0bac6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d6d2c99e22fa470e01c3d422bed2160e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P2
x-amz-rid
WAMXP59X6504RE8CK94D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
203
x-amz-cf-id
-Zl6UGl2IpqsJPwDjld58nfZ1LHytmoEVl_F_m-1HdPZs4bY7yopJw==
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
528584
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQde27Hrw4NnVJ2ihmNbS9ok0ywogOOFl2p0rg1HtQi1xz6NOlc6tO4gLIpuHFKJRSucA%2Fy1a5AqdHKnXNPGNBBugdY4aLK2pkpYWHDeCUPmCMB9wG9X9%2BZqH1DOD6fI"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f82b8a3c8403701-YYZ
/
img.kooora.com/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.kooora.com/?i=afp%2f20230811%2f20230811-afp_33r38l3_afp.jpg&z=570|320&c=29|32|745|420&h=8898
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1df10b45bf278e34f530ae2acc8ea03f5d888b75579421d19656ba7ef7a755b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-tag
afp,20230811a
cache-control
public, max-age=31462452
content-disposition
filename="afp_20230811_20230811-afp_33r38l3_afp.jpg-c29-32-745-420-s570-320"
content-length
24433
expires
Thu, 15 Aug 2024 18:23:12 GMT
f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin
cdn.permutive.com/models/v2/ 		285 KB
196 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1899a7b496387d4935d7742b1f2f14d9f5d71bd83f58f512d5b0a039eda030ec

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
f3a06674-ebb9-4b9d-ba8f-0052018c0687
age
0
x-guploader-uploadid
ADPycdu_B0hNwY1jYRsPx5hAUrKlh5_eqcUFzhn2zSYFAzdd4U2aCdyih0v2-AoRXS4Cf2ZhANWRVPO7_pAijUjbYjW4Sg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
199498
last-modified
Tue, 15 Aug 2023 06:01:44 GMT
server
cloudflare
etag
"01640dfb7db84d427812946efd19a3db"
vary
Accept-Encoding
x-goog-generation
1692079304052406
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=d18YkA==, md5=AWQN+324TUJ4EpRu/Rmj2w==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
199498
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f82b8a3da5d54bb-YYZ
expires
Thu, 17 Aug 2023 14:42:29 GMT
geoip
api.permutive.com/v2.0/ 		277 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a29534efb33ef6d5114d37c47cdf1a2e164dc7b8903a5dfed315f87f2d974d87

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181
watson
api.permutive.com/v2.0/ 		181 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4d21e93f075c262d3f03a171a571f8fdf14ac5b95f7f6d3e805976d06795a4cd

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame EF1E 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.kooora.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81BD) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
33974
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 14:49:00 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (cha/81BD)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/SVXr63cUhWrBQxT3n2dRXcBz1fU/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
E8HV45T4RNWMRE6W
age
2497272
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7f82b8a3f838a20b-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9QR0K6kI9RkhXZLj65hLqF7Y0fFdH6v2HKAiEd65hEmF+9MKChHtI2So+aG9ClYHIlnUSN92/wyiRYJozEQ9qA9xDl/dIeo6dhZihaz5yLM=
rules-p-Jyme3dg-jsWrz.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Jyme3dg-jsWrz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-85.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41d0b43097d2e91cdd15c337dee519cd5076233fde28994d53e2d27171bbfd1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:32:14 GMT
via
1.1 141cc765667839ffa8c4ad646af354cc.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
1006
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:50:12 GMT
server
AmazonS3
etag
"27665b2ab41bacdec066c884d57f5275"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
6U8lbvP-O2jGVHEY7kSk5G1wFdQweCzB3qjGm2v5HZoZJ4MlDwefGw==
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.kooora.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 17 Aug 2023 14:49:00 GMT
server
ATS/9.1.10.75
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.kooora.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 17 Aug 2023 14:49:00 GMT
server
ATS/9.1.10.75
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.kooora.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 17 Aug 2023 14:49:00 GMT
server
ATS/9.1.10.75
hbjson
grid.bidswitch.net/ 		23 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.124.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
105.124.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a458c0ada079c70a08291c9cb9682476fedca623d086789f703ee614182097bb

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 17 Aug 2023 14:49:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
hb-multi
hb.yellowblue.io/ 		105 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.211.37.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-37-116.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5f7f7afdfbbf8d9348ca6edf069ba4a747a33a2c13eb27df9f9d0cfa3c3ab88c

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.kooora.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=837464
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753e5c5127eb4dc9ee1bbafa09a29db5d41480105d3351b60438b4c5a308ac03

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2nYyBmenz1%2BzaxMvxjjCntsuh6%2BKE6OpNJfALSpfKxiZR3BtV8wq3iXmvCLedxO%2FSzEwEEhsKedPugZPa6GV49vQjOVDdYEm%2B1%2FhxFIIhIez8asQo4LKiCWHMkFkD2FfPql2lV9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f82b8a48d4d37cf-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.42.0&cb=30763003467&lsavail=1
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kooora.com
date
Thu, 17 Aug 2023 14:49:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		391 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23322&site_id=427740&zone_id=2444848&size_id=55&alt_size_ids=57&eid_pubcid.org=22e31d2e-e1a9-4577-8421-0c1a1a3570c7%5E1&rf=https%3A%2F%2Fwww.kooora.com%2F&tg_i.domain=kooora.com&tg_i.page=https%3A%2F%2Fwww.kooora.com%2F&tg_i.pbadslot=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fbillboard&tk_flint=pbjs_lite_v7.42.0&x_source.tid=0b31b645-4f60-42d6-8824-78689b4c4724&l_pb_bid_id=2679d3281b8c17f&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&p_gpid=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Fbillboard&slots=1&rand=0.6299338427991954
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1c45c2e297a7640f327df2840be1493e87327c70b5044d59c1e72d27a91606ae

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		399 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23322&site_id=427740&zone_id=2873766&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=22e31d2e-e1a9-4577-8421-0c1a1a3570c7%5E1&rf=https%3A%2F%2Fwww.kooora.com%2F&tg_i.domain=kooora.com&tg_i.page=https%3A%2F%2Fwww.kooora.com%2F&tg_i.pbadslot=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Finfinity_banner&tk_flint=pbjs_lite_v7.42.0&x_source.tid=96f67292-5443-4648-bf3b-90c2d23eba33&l_pb_bid_id=274890c63184df7&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&p_gpid=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Finfinity_banner&slots=1&rand=0.8994721219645947
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2084a408aee60307cfd795a3eec3c32e68920dd0455e2da7cf4fbc9477896228

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
399
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		401 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23322&site_id=427740&zone_id=2873768&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=22e31d2e-e1a9-4577-8421-0c1a1a3570c7%5E1&rf=https%3A%2F%2Fwww.kooora.com%2F&tg_i.domain=kooora.com&tg_i.page=https%3A%2F%2Fwww.kooora.com%2F&tg_i.pbadslot=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Finfinity_banner_2&tk_flint=pbjs_lite_v7.42.0&x_source.tid=005b8476-73c3-4a00-bf91-1a5822e2a550&l_pb_bid_id=28041f6c6ab935e&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&p_gpid=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Finfinity_banner_2&slots=1&rand=0.7923767035127196
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eb7f13b2885074844ec889a467a7512dd7b8a60254addd6c09b9e180ccd96991

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
401
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		394 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23322&site_id=427740&zone_id=2444850&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=22e31d2e-e1a9-4577-8421-0c1a1a3570c7%5E1&rf=https%3A%2F%2Fwww.kooora.com%2F&tg_i.domain=kooora.com&tg_i.page=https%3A%2F%2Fwww.kooora.com%2F&tg_i.pbadslot=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Ftop_banner&tk_flint=pbjs_lite_v7.42.0&x_source.tid=13db1a87-dc92-49f0-b9c7-dee7981de24f&l_pb_bid_id=299f26d3a752bf7&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&p_gpid=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Ftop_banner&slots=1&rand=0.21967888839943828
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cba2c002ff5e4c686aa42f2c207ec28b9b4f0398bc24f493070b313498df87c2

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
394
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		389 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23322&site_id=427740&zone_id=2444852&size_id=15&alt_size_ids=10&eid_pubcid.org=22e31d2e-e1a9-4577-8421-0c1a1a3570c7%5E1&rf=https%3A%2F%2Fwww.kooora.com%2F&tg_i.domain=kooora.com&tg_i.page=https%3A%2F%2Fwww.kooora.com%2F&tg_i.pbadslot=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Ftop_mpu&tk_flint=pbjs_lite_v7.42.0&x_source.tid=0fce58d2-96cc-41b8-b447-1d1cdf2e5bd8&l_pb_bid_id=30e5a1f0fd30051&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&p_gpid=%2F22272936144%2Fkooora%2Fkooora_web%2Fhomepage%2Ftop_mpu&slots=1&rand=0.964266302179583
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36ed217ae5545d49d8aa78c1b0cdadb7ba83caf019f4550222bf13f5d475ffa8

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
389
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		581 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
af1b984b0e7f4f0a21b042b96c60f9bc8a4a9b6d5e7242c966a676fbf63b16c8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
content-encoding
gzip
an-x-request-uuid
efea2272-00d6-4ce5-b90b-219b2caf47cf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b894ecedeed7425bcca0f14e3e18cc20f0e0bed1ef36b4699c6018a77a21540a

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Thu, 17 Aug 2023 14:49:00 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1204
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f82b8a4abc13905-YYZ
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
73d84a380010925b59a7b70669f06daa034e4a3bf9a21edaadc6725d9bfe5d2e

Request headers

Referer
https://www.kooora.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
fe2ee2b4f10d657b22c84bc4422f88b3dcce7de07a88aa80cc3cffed4d8e94ed

Request headers

Referer
https://www.kooora.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
bd67b5a29762a0d23c1cbeb00437b98be0a1639d95004714d4819be1ab6c7bdb

Request headers

Referer
https://www.kooora.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
content-length
84
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kooora.com
date
Thu, 17 Aug 2023 14:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ats.js
ats.rlcdn.com/ 		236 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.25.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-25-42.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad62175d8e3aa669b02496a9c7a829f3c924e5687c7c4962e173e287924ec94e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 2b14bcf8de4af74db0f6562ceac643f8.cloudfront.net (CloudFront)
date
Thu, 17 Aug 2023 13:34:49 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
4454
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
NMq0AaOx2dSxdJjqU-vIzh4GgkSu1JaFj5KHXXoP_6zFothvKymnLw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.174.85 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-174-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b17917c9805c64cabba12c84121cfc59b8c28c9a9594efa979c3e18a7b1e3cf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:02 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 17 Aug 2023 15:04:02 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
EDTYA7PQQ740QVGV
age
2845
etag
W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f82b8a4cf69a208-YYZ
x-amz-id-2
bY890S1B0Ad01IJ6ANumYqsiN2vR12JqOusb/oUNVDMycZroYvNalnvCwuPXp6LUbx+JqHFUVg8=
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Q2V3M512SC&gtm=45je38g0h2&_p=921031175&cid=157664921.1692283740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692283740&sct=1&seg=0&dl=https%3A%2F%2Fwww.kooora.com%2F&dt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q2V3M512SC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1506063979515344&ev=PageView&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1692283740933&sw=1600&sh=1200&v=2.9.123&r=stable&ec=0&o=30&fbp=fb.1.1692283740932.1288059443&it=1692283740315&coo=false&rqm=GET
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 17 Aug 2023 14:49:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ebf21728d91ec94ee6b9480c88f4548376d21a7ca1150e30da263ac2b0996a4e

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=921031175&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kooora.com%2F&dp=%2F&ul=en-us&de=windows-1256&dt=%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEADRAAAACAAI~&jid=1379841962&gjid=78620519&cid=157664921.1692283740&tid=UA-3167577-2&_gid=1007650714.1692283740&_slc=1&cd29=268842b2-527b-4d54-b8df-b7e8ecdde2f3&cd8=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&cd16=Homepage&z=963642351
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3167577-2&cid=157664921.1692283740&jid=1379841962&gjid=78620519&_gid=1007650714.1692283740&_u=aGBAiEADRAAAAGAAI~&z=299291534
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 17 Aug 2023 14:49:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: longitudeads-com.videoplayerhub.com
URL: https://longitudeads-com.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2166212
x-guploader-uploadid
ADPycduZLT4Egz3OccUY8BO9HQhQaPFB1QvWSXP2JV1sLWPG2UMlJ21pZzB414VM8V9U1p0QRqWsN_H-40vvify-oj-t3Akd6WML
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry4RLToOd2UWzEgYzD2WmeIAKdrnxl8uZz0xpi1vOI7GYMG5Z663olSDE%2FKYrU6mAqDLMcfxZm%2F4YZjYSNrgAfvT58theqhmclJxyvRUmsySr7AFep5x7ePs9c01%2FmiY9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f82b8ac7a1336fa-YYZ
expires
Sun, 23 Jul 2023 14:05:30 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.6 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 20:41:40 GMT
px.gif
ad-delivery.net/ 		43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7275444398337827
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2166212
x-guploader-uploadid
ADPycduZLT4Egz3OccUY8BO9HQhQaPFB1QvWSXP2JV1sLWPG2UMlJ21pZzB414VM8V9U1p0QRqWsN_H-40vvify-oj-t3Akd6WML
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo%2B3yuSqhyOvG90voBE%2FeZV3OhzjP6w4qMGkphzoIvo6uzOyJgTZrZAps0SRJxVCnTxLCnAcjpN2V3sarPaoFsP88V2Fh%2F3eRgQQ83ti411jIG05%2B6XZCq9%2FIWgGcN63DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f82b8ac7a1536fa-YYZ
expires
Sun, 23 Jul 2023 14:05:30 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=811732913404208&ev=fb_page_view&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1692283741080&sw=1600&sh=1200&at=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 17 Aug 2023 14:49:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
settings
syndication.twitter.com/ Frame EF1E 		870 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=26f1935f54c11abca1bed4e8881ec03fd04d164a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.kooora.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-response-time
9
date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 17 Aug 2023 14:49:01 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
f1f2fe1d1c7c2de0
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
e8e320ac55532e05f0b16cd01e6e52d758d466a711c09cf6187e0060af1e3135
content-length
338
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3167577-2&cid=157664921.1692283740&jid=1379841962&_u=aGBAiEADRAAAAGAAI~&z=1093179304
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3167577-2&cid=157664921.1692283740&jid=1379841962&_u=aGBAiEADRAAAAGAAI~&z=1093179304
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame CA3B
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&dcc=t
373 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&dcc=t
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f1a5d69c6138eb11095bb87211c61a6bc6c722c9dfbfad94f9b55ad2e3d1e294
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
373
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 17 Aug 2023 14:49:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0VTEDXVT9386HAKFRE8E

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 14:49:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TG589BA74G0G0M7JX1TV
embed-code-iframe.css
cdn.fcp.codes/embed-code-template/style/ 		2 KB
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fcp.codes/embed-code-template/style/embed-code-iframe.css
Requested by
Host: cdn.fcp.codes
URL: https://cdn.fcp.codes/embed-code-template/embed-code-template.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd592488b29a94b35d723d53bd0e8a9800a5c8703429fcf0eda57dfd6adc992a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 11:17:04 GMT
etag
"0d2f507c1bbbbd78a6497f4de6830878:1692271024.221115"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=160145
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
590
expires
Sat, 19 Aug 2023 11:18:06 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
last-modified
Mon, 14 Aug 2023 12:28:03 GMT
server
cloudflare
age
0
etag
W/"c33119e4566ec99f3327d83c499e437882fc6da2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
7f82b8a98b5436a2-YYZ
content-length
3
adagio.js
script.4dex.io/ 		0
0
embed-code-iframe.js
cdn.fcp.codes/embed-code-template/ Frame 8E73 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fcp.codes/embed-code-template/embed-code-iframe.js
Requested by
Host: cdn.fcp.codes
URL: https://cdn.fcp.codes/embed-code-template/embed-code-template.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d98c7c4d9cad234790ed1ebdd0d1f1b405fa3908db0ae007d39f87ab065e504

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 11:17:04 GMT
etag
"b3fe0a777b50422d99e9f42db736e818:1692271024.176588"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=160117
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
4162
expires
Sat, 19 Aug 2023 11:17:38 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		703 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3680089329420990&correlator=4062642963886096&eid=31077070&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22272936144%2Ckooora%2Ckooora_web%2Chomepage%2Chigh_impact&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=1&didk=3804967488&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692283741435&lmt=1692308941&adxs=800&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kooora.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x-1&fws=0&ohw=0&ga_vid=157664921.1692283740&ga_sid=1692283741&ga_hid=921031175&ga_fc=true&dlt=1692283739445&idt=1870&prev_scp=amznbid%3D2%26amznp%3D2%26elid%3Dkooora-d-oop%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26permutive%3D%26novatiq_sgmnt_id%3D%26kooora_page%3DHomepage%26kooora_competition%3Dnull%26environment%3DProduction%26pp_id%3D2947f5d6-f8fd-416f-a328-5ab65493cfe1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26kooora_pagetype%3Dhomepage%26kooora_articleauthorname%3Dnull%26kooora_articleid%3Dnull%26kooora_articlepublishdate%3Dnull%26kooora_articletitle%3Dnull%26kooora_contentcategorylevel1%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26kooora_contenttype%3DPage%26kooora_country%3D__%26kooora_event%3Dnull%26kooora_forum%3Dnull%26kooora_isvideo%3Dtrue%26kooora_keywords%3Dnull%26kooora_match%3Dnull%26kooora_player%3Dnull%26kooora_searchterm%3Dnull%26kooora_sport%3Dnull%26kooora_team%3Dnull%26kooora_techtype%3DWeb%26kooora_videolength%3Dnull%26kooora_videotitle%3Dnull%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26prmtvctx%3Dbrwt%252Crts%26puid%3Dd913eb4c-45ba-4d64-aee4-1085e6759b84%26ptime%3D1692283741338&adks=895081036
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f55b0a1f0ac73e4662c2ae334854e079c0117aa19c1ce72cd66af7b8d6114f46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
346
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		568 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3680089329420990&correlator=437572373173505&eid=31077070&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22272936144%2Ckooora%2Ckooora_web%2Chomepage%2Cnativearticle3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=2x2&ifi=2&didk=2237580846&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692283741445&lmt=1692308941&adxs=1458&adys=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kooora.com%2F&frm=20&vis=1&psz=996x-1&msz=996x-1&fws=4&ohw=996&ga_vid=157664921.1692283740&ga_sid=1692283741&ga_hid=921031175&ga_fc=true&dlt=1692283739445&idt=1870&prev_scp=amznbid%3D2%26amznp%3D2%26elid%3DNativeArticle3%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26permutive%3D%26novatiq_sgmnt_id%3D%26kooora_page%3DHomepage%26kooora_competition%3Dnull%26environment%3DProduction%26pp_id%3D2947f5d6-f8fd-416f-a328-5ab65493cfe1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26kooora_pagetype%3Dhomepage%26kooora_articleauthorname%3Dnull%26kooora_articleid%3Dnull%26kooora_articlepublishdate%3Dnull%26kooora_articletitle%3Dnull%26kooora_contentcategorylevel1%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26kooora_contenttype%3DPage%26kooora_country%3D__%26kooora_event%3Dnull%26kooora_forum%3Dnull%26kooora_isvideo%3Dtrue%26kooora_keywords%3Dnull%26kooora_match%3Dnull%26kooora_player%3Dnull%26kooora_searchterm%3Dnull%26kooora_sport%3Dnull%26kooora_team%3Dnull%26kooora_techtype%3DWeb%26kooora_videolength%3Dnull%26kooora_videotitle%3Dnull%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26prmtvctx%3Dbrwt%252Crts%26puid%3Dd913eb4c-45ba-4d64-aee4-1085e6759b84%26ptime%3D1692283741338&adks=1231128254
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c80bd62900c03bc5aa7793943e3f735816338f6012153ff91caf32c78233e491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		568 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3680089329420990&correlator=1440344495218758&eid=31077070&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22272936144%2Ckooora%2Ckooora_web%2Chomepage%2Cnativearticle7&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=2x2&ifi=3&didk=2237580818&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692283741453&lmt=1692308941&adxs=1458&adys=3714&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kooora.com%2F&frm=20&vis=1&psz=996x-1&msz=996x-1&fws=4&ohw=996&ga_vid=157664921.1692283740&ga_sid=1692283741&ga_hid=921031175&ga_fc=true&dlt=1692283739445&idt=1870&prev_scp=amznbid%3D2%26amznp%3D2%26elid%3DNativeArticle7%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26permutive%3D%26novatiq_sgmnt_id%3D%26kooora_page%3DHomepage%26kooora_competition%3Dnull%26environment%3DProduction%26pp_id%3D2947f5d6-f8fd-416f-a328-5ab65493cfe1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26kooora_pagetype%3Dhomepage%26kooora_articleauthorname%3Dnull%26kooora_articleid%3Dnull%26kooora_articlepublishdate%3Dnull%26kooora_articletitle%3Dnull%26kooora_contentcategorylevel1%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26kooora_contenttype%3DPage%26kooora_country%3D__%26kooora_event%3Dnull%26kooora_forum%3Dnull%26kooora_isvideo%3Dtrue%26kooora_keywords%3Dnull%26kooora_match%3Dnull%26kooora_player%3Dnull%26kooora_searchterm%3Dnull%26kooora_sport%3Dnull%26kooora_team%3Dnull%26kooora_techtype%3DWeb%26kooora_videolength%3Dnull%26kooora_videotitle%3Dnull%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26prmtvctx%3Dbrwt%252Crts%26puid%3Dd913eb4c-45ba-4d64-aee4-1085e6759b84%26ptime%3D1692283741338&adks=4197395963
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e81b46f123d2e1842125d7d419e46d82ea3a30bb6db5b832532139708f45a876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3680089329420990&correlator=604027782608096&eid=31077070&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22272936144%2Ckooora%2Ckooora_web%2Chomepage%2Ctop_banner%2Ctop_mpu&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600&ifi=4&didk=3510284024~4024717665&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692283741457&lmt=1692308941&adxs=557%2C159&adys=254%2C1452&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C3&ucis=4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kooora.com%2F&frm=20&vis=1&psz=1600x364%7C1320x830&msz=970x344%7C318x830&fws=512%2C0&ohw=0%2C0&ga_vid=157664921.1692283740&ga_sid=1692283741&ga_hid=921031175&ga_fc=true&dlt=1692283739445&idt=1870&prev_scp=amznbid%3D2%26amznp%3D2%26elid%3DLeaderboard%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue%7Camznbid%3D2%26amznp%3D2%26elid%3DMPU%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26permutive%3D%26novatiq_sgmnt_id%3D%26kooora_page%3DHomepage%26kooora_competition%3Dnull%26environment%3DProduction%26pp_id%3D2947f5d6-f8fd-416f-a328-5ab65493cfe1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26kooora_pagetype%3Dhomepage%26kooora_articleauthorname%3Dnull%26kooora_articleid%3Dnull%26kooora_articlepublishdate%3Dnull%26kooora_articletitle%3Dnull%26kooora_contentcategorylevel1%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26kooora_contenttype%3DPage%26kooora_country%3D__%26kooora_event%3Dnull%26kooora_forum%3Dnull%26kooora_isvideo%3Dtrue%26kooora_keywords%3Dnull%26kooora_match%3Dnull%26kooora_player%3Dnull%26kooora_searchterm%3Dnull%26kooora_sport%3Dnull%26kooora_team%3Dnull%26kooora_techtype%3DWeb%26kooora_videolength%3Dnull%26kooora_videotitle%3Dnull%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26prmtvctx%3Dbrwt%252Crts%26puid%3Dd913eb4c-45ba-4d64-aee4-1085e6759b84%26ptime%3D1692283741338&adks=1957218521%2C4055398765
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bab9c4570132cb268d3a682bd3c1347f1541e0c2c7b11143b29931b031871eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29828
x-xss-protection
0
google-lineitem-id
-1,6316506685
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138434719310
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0505 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:01 GMT
expires
Fri, 16 Aug 2024 14:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=728651130;rf=0;a=p-Jyme3dg-jsWrz;url=https%3A%2F%2Fwww.kooora.com%2F;uht=2;fpan=1;fpa=P0-623771001-1692283740798;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=kooora.com...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=728651130;rf=0;a=p-Jyme3dg-jsWrz;url=https%3A%2F%2Fwww.kooora.com%2F;uht=2;fpan=1;fpa=P0-623771001-1692283740798;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=kooora.com;dst=1;et=1692283741470;tzo=420;ogl=type.website%2Cimage.https%3A%2F%2Fo%252Ekooora%252Ecom%2Fi%2FkSquareLogo%252Ejpg%2Curl.%2Ctitle.%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%2Cdescription.%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%20%D8%AD%D9%8A%D8%A9%20%D9%88%D8%AC%D8%AF%D8%A7%D9%88%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%88%D8%A2%D8%AE%D8%B1%20%D8%A7%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9;ses=6ee64685-b137-4ffc-9671-1a37b567af47;mdl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.215 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
6024ad1a5e0ad8fef401194a4b863f1c173f7da24f93485bd3a8e23e898fb824
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kooora.com
date
Thu, 17 Aug 2023 14:49:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1506063979515344&ev=Microdata&dl=https%3A%2F%2Fwww.kooora.com%2F&rl=&if=false&ts=1692283741545&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fo.kooora.com%2Fi%2FkSquareLogo.jpg%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Atitle%22%3A%22%D9%83%D9%88%D9%88%D9%88%D8%B1%D8%A9%3A%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%22%2C%22og%3Adescription%22%3A%22%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%20%D8%AD%D9%8A%D8%A9%20%D9%88%D8%AC%D8%AF%D8%A7%D9%88%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%88%D8%A2%D8%AE%D8%B1%20%D8%A7%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%8A%D8%A9%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.123&r=stable&ec=1&o=30&fbp=fb.1.1692283740932.1288059443&it=1692283740315&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 17 Aug 2023 14:49:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:01 GMT
server
Google Frontend
x-cloud-trace-context
0c5d455c4086f9f318e8826a78b6a5d5
/
it.lngtd.com/ 		43 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
0ded445d3b5cd51266bd5bc4b41bba64
access-control-allow-headers
Content-Type
content-length
43
68f0569b-7887-4b32-8bbd-4c8d906b42ca
fcp-api.footballco.cloud/v1/public/embed/embed-code-videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fcp-api.footballco.cloud/v1/public/embed/embed-code-videos/68f0569b-7887-4b32-8bbd-4c8d906b42ca?domain=kooora.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, X-Origin-Access-Key, Access-Control-Allow-Origin, CloudFront-Viewer-Country, x-pub-id
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cache-control
max-age=0
content-length
2
content-type
text/html
date
Thu, 17 Aug 2023 14:49:01 GMT
expires
Thu, 17 Aug 2023 14:49:01 GMT
68f0569b-7887-4b32-8bbd-4c8d906b42ca
fcp-api.footballco.cloud/v1/public/embed/embed-code-videos/ Frame 8E73 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcp-api.footballco.cloud/v1/public/embed/embed-code-videos/68f0569b-7887-4b32-8bbd-4c8d906b42ca?domain=kooora.com
Requested by
Host: cdn.fcp.codes
URL: https://cdn.fcp.codes/embed-code-template/embed-code-iframe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac363bd4b019404828a5dda10394e09b81d81751d345ed20d92325bd05d2cf2e
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
659
x-xss-protection
0
referrer-policy
no-referrer
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=24
expires
Thu, 17 Aug 2023 14:49:25 GMT
brand_safety.json
cdn.fcp.codes/brand_safety/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.fcp.codes/brand_safety/brand_safety.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
max-age=0
content-length
2
content-type
text/html
date
Thu, 17 Aug 2023 14:49:01 GMT
expires
Thu, 17 Aug 2023 14:49:01 GMT
brand_safety.json
cdn.fcp.codes/brand_safety/ Frame 8E73 		220 KB
81 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.fcp.codes/brand_safety/brand_safety.json
Requested by
Host: cdn.fcp.codes
URL: https://cdn.fcp.codes/embed-code-template/embed-code-iframe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6393ae2a254a4b88b33c0abf43c96b929b9225cd5cf8deb1f716074b8a0409f

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 13:17:14 GMT
etag
"b0736d83f21a662d0148dfed1612bbf9:1678972634.661529"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2579350
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
83005
expires
Sat, 16 Sep 2023 11:18:11 GMT
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:01 GMT
server
Google Frontend
x-cloud-trace-context
f872d96d6172038b47505ee31697c7d0
/
it.lngtd.com/ 		43 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
6a043618d9493f3d7205e065cc59ab61
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:01 GMT
server
Google Frontend
x-cloud-trace-context
5b6ffa30e485db8f3643ceb0a8b94341
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
de6bc8cd58c18240f66a79f7c3ecbca2
access-control-allow-headers
Content-Type
content-length
43
83202508d7de9e350c14a6016cadb91ee0a6e1
roseincome.com/send/a0e4bc1aa5c025/ 		286 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://roseincome.com/send/a0e4bc1aa5c025/83202508d7de9e350c14a6016cadb91ee0a6e1
Requested by
Host: roseincome.com
URL: https://roseincome.com/static/ad00f84c906543767a696e49e74855eee99b-prod.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
0de69df19c3376cccd974c9edda9cb3c3dbf935f0162a15ed1cb883b461ebe58
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 17 Aug 2023 14:49:01 GMT
via
1.1 google
x-buildnumber
969809724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
x-hostname
fen-hoothoot-us-central1-kd5m
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 17 Aug 2023 14:49:00 GMT
be2de825dfe4852e923d987fd63044378203254e4d94
roseincome.com/post/9d159fd4/ 		286 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://roseincome.com/post/9d159fd4/be2de825dfe4852e923d987fd63044378203254e4d94
Requested by
Host: roseincome.com
URL: https://roseincome.com/41a7b62bc29ca5de31708e1d02dec74387a9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
0ff717c5bf6d5b9ea3545c92ee1804d80eaf19c377f21f5ca55a9f7ca2bb60c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 17 Aug 2023 14:49:01 GMT
via
1.1 google
x-buildnumber
969809724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
x-hostname
fen-hoothoot-us-central1-kd5m
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 17 Aug 2023 14:49:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 17C9 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
644df5c481db69370711a735e45dd9fac91e83ded8a885841b1e610e7d3f24d9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4252
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 17 Aug 2023 14:49:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KVXT80EYHEQH19RYSYW5
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:01 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ebf21728d91ec94ee6b9480c88f4548376d21a7ca1150e30da263ac2b0996a4e

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=40da2992-202e-46c3-bd6d-d27455ebb9ca&u=d913eb4c-45ba-4d64-aee4-1085e6759b84
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBm0gGmrioNw91YpK3oY8dQ&error=&type=ddp&k=40da2992-202e-46c3-bd6d-d27455ebb9ca&u=d913eb4c-45ba-4d64-aee4-1085e6759b84&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBm0gGmrioNw91YpK3oY8dQ&error=&type=ddp&k=40da2992-202e-46c3-bd6d-d27455ebb9ca&u=d913eb4c-45ba-4d64-aee4-1085e6759b84&google_cver=1
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEBm0gGmrioNw91YpK3oY8dQ&error=&type=ddp&k=40da2992-202e-46c3-bd6d-d27455ebb9ca&u=d913eb4c-45ba-4d64-aee4-1085e6759b84&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,d913eb4c-45ba-4d64-aee4-1085e6759b84&gdpr=1&gdpr_consent=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 17C9
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.ad.smaato.net/c/?adExInit=aps&cookieCheck=1
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=caa9582fde&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=caa9582fde&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0971QS6KZA893V32J2A4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 17 Aug 2023 14:48:40 GMT
via
1.1 9bb4d05ab08e4eaa205fa572ca4c835c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CMH68-P4
age
23
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=caa9582fde&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
9apQ6Yl-AAl6XRtKLKLnGcmGcTTM_TT9amQqgLBOjwq4SUVU7M4gfA==
player.css
cdn.fcp.codes/embed-code-template/style/ Frame 8E73 		2 KB
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fcp.codes/embed-code-template/style/player.css
Requested by
Host: cdn.fcp.codes
URL: https://cdn.fcp.codes/embed-code-template/embed-code-iframe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.208 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb54d8b1ab6563280534c92b06073f1c7794ebf72e4b5f87dadae3c96f28c77e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 11:17:04 GMT
etag
"b4bc0f6af421eadbbf64440442706bfc:1692271024.165017"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=160111
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
528
expires
Sat, 19 Aug 2023 11:17:33 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame D899 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Aug 2023 17:11:00 GMT
age
250683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Aug 2024 17:11:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D899 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 06:33:41 GMT
age
202522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 06:33:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D899 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Aug 2023 17:11:00 GMT
age
250683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Aug 2024 17:11:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D899 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Aug 2023 17:11:00 GMT
age
250683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Aug 2024 17:11:00 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D899 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 03:03:42 GMT
age
215121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 03:03:42 GMT
css
fonts.googleapis.com/ Frame D899 		0
0
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
x-cloud-trace-context
f985892eb78c35f4023e7c0a6020e165
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
x-cloud-trace-context
04ece1896edb5c039d440034aa6a8333
view
securepubads.g.doubleclick.net/pcs/ Frame 09BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuloJqHcQOI2lw_ZvreFGdVgHBmLDQBa292X2mQ2I47-193idUzsbV8BmLXlgcNQLSEN23QLQVM4-9CP7LzI1mD-Sf3HMJ3-Vc34dtSnrwZ6RUXG3X1lt-dIS9haR3tVDenUUFAW1jgARXVuBVYPQQVmEVgNPdvgqT4x3WnrQzaX_sKWCSRFWsAdfRTk9R4WhXdjxek9gtlgdB9sIiw4-E05aYE6WQK6ONUVr5MDCpPzKR1j_nWwPaLch2nj5wKs5TvnrSAeu3F4wuElzTKcEcGheYIvRdiVnS10diMop6QxfVYhx9-bEPCZkLN1corEhTFxTHPP5sNyOKssHPIezNoIpxdLBGHIeu6-18&sai=AMfl-YRWlmY2B9tkBwg5kquqYO4EQrzXK-x3SWQaAPeevg5yWyqsGXNFIOmeF-pNlFjDQZJ5M7-Xxdv80rMrmHrSOe-pWusxRcewf_z25NMlRforgB1DWYHcMCswoeEGxaVnAOjKsuQ3Hu0_HtWtPhA&sig=Cg0ArKJSzBIGZzUPxyyFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 09BA 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 09BA 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:03 GMT
2032375439464649423
tpc.googlesyndication.com/simgad/ Frame 09BA 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2032375439464649423
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
9db621dc2056467e97edddb76820644deb47c3afca1eb7a09db2157e6a310fd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 01:36:34 GMT
x-content-type-options
nosniff
age
133949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30002
x-xss-protection
0
last-modified
Wed, 31 May 2023 15:36:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Aug 2024 01:36:34 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D899 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:27:36 GMT
x-content-type-options
nosniff
server
cafe
age
48087
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Fri, 18 Aug 2023 01:27:36 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D899 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:21:38 GMT
x-content-type-options
nosniff
server
cafe
age
48445
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 18 Aug 2023 01:21:38 GMT
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
002bf963f9e92a577ac54e4dc07ff57a
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
64b0b101f1a46e3907a2d77a27be51d5
access-control-allow-headers
Content-Type
content-length
43
845.json
id5-sync.com/g/v2/ 		635 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/845.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
cdc218d058fa28839c8b6cd0f672b91a27353a268120a3b5b2c8ceffb6043697
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.kooora.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
amzns2s
rtb.gumgum.com/usync/ Frame EA9D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.169.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-169-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
88072e690c49cec375d277814633f1a48ab8d705634279e06cdf957cc731c6f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 17 Aug 2023 14:49:04 GMT
etag
W/"097d5a5257c613c5cb1a2b3f68699ae89"
server
nginx
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3680089329420990&correlator=4206294540695956&eid=31077070&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22272936144%2Ckooora%2Ckooora_web%2Chomepage%2Cskin%2Ctop_banner%2Ctop_mpu&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600&ifi=6&didk=834954390~3510284024~4024717665&sfv=1-0-40&rcs=0%2C1%2C1&eri=1&sc=1&cookie=ID%3D19047f30dffc240c%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYDNBcSoTkoEMmhYuZw_es0f0gACQ&gpic=UID%3D00000d8bda3b6a35%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYYTi9jPKTaGvjsnBc3xGXaHLHWxQ&abxe=1&dt=1692283743051&lmt=1692308943&adxs=1599%2C315%2C140&adys=0%2C0%2C527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=6%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kooora.com%2F&frm=20&vis=1&psz=1600x1%7C1600x270%7C1320x830&msz=1x-1%7C970x250%7C318x830&fws=0%2C512%2C0&ohw=0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=157664921.1692283740&ga_sid=1692283741&ga_hid=921031175&ga_fc=true&dlt=1692283739445&idt=1870&prev_scp=amznbid%3D2%26amznp%3D2%26elid%3Dskin%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue%7Camznbid%3D2%26amznp%3D2%26elid%3DLeaderboard%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue%7Camznbid%3D2%26amznp%3D2%26elid%3DMPU%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26permutive%3D%26novatiq_sgmnt_id%3D%26kooora_page%3DHomepage%26kooora_competition%3Dnull%26environment%3DProduction%26pp_id%3D2947f5d6-f8fd-416f-a328-5ab65493cfe1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26kooora_pagetype%3Dhomepage%26kooora_articleauthorname%3Dnull%26kooora_articleid%3Dnull%26kooora_articlepublishdate%3Dnull%26kooora_articletitle%3Dnull%26kooora_contentcategorylevel1%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26kooora_contenttype%3DPage%26kooora_country%3D__%26kooora_event%3Dnull%26kooora_forum%3Dnull%26kooora_isvideo%3Dtrue%26kooora_keywords%3Dnull%26kooora_match%3Dnull%26kooora_player%3Dnull%26kooora_searchterm%3Dnull%26kooora_sport%3Dnull%26kooora_team%3Dnull%26kooora_techtype%3DWeb%26kooora_videolength%3Dnull%26kooora_videotitle%3Dnull%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26prmtvctx%3Dbrwt%252Crts%26puid%3Dd913eb4c-45ba-4d64-aee4-1085e6759b84%26ptime%3D1692283741338&adks=286751106%2C1957218521%2C4055398765
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
74bdf5ec34cadc0bd43030b5e8ff99134c4548f063565ed5cddaa009aedbb656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19776
x-xss-protection
0
google-lineitem-id
-2,-1,6352857555
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,138442098581
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5863251485151350681/ Frame D899 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5863251485151350681/14763004658117789537
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
ce6213257f3101867fffce20065914eaf6e754325cc281880e35b54da50004a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 08:31:38 GMT
x-content-type-options
nosniff
age
109045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60148
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:09:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Aug 2024 08:31:38 GMT
truncated
/ Frame D899 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D899 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D899 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
599c91dab76b3508b5d6cdc6fbb71a1e123d10f8ce7d385ae47b3f0c2bc81522

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 09BA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a874895329a5818037246e8ab0e7e373bdfeda3b35a953f6157767a12cd17093

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 18 Aug 2023 14:49:03 GMT
audiences
api.permutive.com/audience-matching/v1/id/d913eb4c-45ba-4d64-aee4-1085e6759b84/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/d913eb4c-45ba-4d64-aee4-1085e6759b84/audiences?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
usermatch
ssum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
902 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47ea55db88336e0161ac540ad884cd93341a68754490469a47b5710016ce14d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f82b8b2dada37cf-YYZ
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 14:49:03 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o30W3qsu2obTx3VdgrPvdwO41Ur7AKRwoeuUq05339otQh8uF%2BhbQB4Rjm093kCucmNrkod28ANQsDbt9P9vUyqvOuwTNKNSxjNNSXcpasIZvBOQKUTE5h7f6nj22UO3Pkn0%2FJMceF%2FIcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f82b8b29a6937cf-YYZ
content-length
0
date
Thu, 17 Aug 2023 14:49:03 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh6AzK%2BPpETzfcQvxQlYQczgB6nRF3rb6OGne3ixshK9zmgXoV7E2LPR3jCdkoLgYrE8DD%2BKtgRnh4wiWumfdvB9%2FLsY%2BF%2FmoY91N03WUssF3fSQXeCPq4JsR8JgmteuGaU1wryerPjlDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame E720 		0
0
ecm3
s.amazon-adsystem.com/ Frame F850
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8330000753667799435&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8330000753667799435&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RA54986KT2K02B8NAD0A

Redirect headers

content-length
0
date
Thu, 17 Aug 2023 14:49:03 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8330000753667799435&gdpr=0&gdpr_consent=
usersync.php
ssp.api.tappx.com/cs/ Frame 222C 		0
0
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 65B3 		0
0
ecm3
s.amazon-adsystem.com/ Frame DBF3
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-96bbIT-txQqwvtdy3W6lAtjJqeH6DnZe4_kSEboebA
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-96bbIT-txQqwvtdy3W6lAtjJqeH6DnZe4_kSEboebA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
E6V3A8M6DJEBMPZ5A0XZ

Redirect headers

date
Thu, 17 Aug 2023 14:49:09 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-96bbIT-txQqwvtdy3W6lAtjJqeH6DnZe4_kSEboebA
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
match.sharethrough.com/jwumXNuB/v1/ Frame E81E 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 202B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=79189
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 14:49:09 GMT
expires
Fri, 18 Aug 2023 12:48:58 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EB50 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 14:49:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame FF02
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
74aefc384f7f0ca2e9891a439f1c63f4a217848904af23e7623f4245f64ff7c9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-cdb79dd64-ktjhm
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-cdb79dd64-7h58m
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 988F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8694686486495607686&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8694686486495607686&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
TCPANTYCWBMXXY2JKPF7

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
2cb711db-4494-42a8-89cd-897ea1d6d8cd
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=8694686486495607686&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 084C
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7f460a54adf8bc1f683efddaaecc39e6597ffb3f7543bcbfc8f64f04574f8b42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
506
Content-Type
text/html
Date
Thu, 17 Aug 2023 14:49:03 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 17 Aug 2023 14:49:03 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
index.min.js
players.brightcove.net/6286608028001/default_default/ Frame 8E73 		0
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame A0DB 		0
0
ecm3
s.amazon-adsystem.com/ Frame 6541
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=760996673845262888508
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=760996673845262888508
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YVWR6RPB27CC6VFRY44D

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 14:49:10 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=760996673845262888508
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
geo.privacymanager.io/ 		30 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-39.cmh68.r.cloudfront.net
Software
/
Resource Hash
b7f807205142bbe9c42e24df2a3bcdaf29b0027d7a21b7fa9fe816c39d6dc3db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 09:05:21 GMT
via
1.1 ae830955a4e25d8301abbde4cfd80dec.cloudfront.net (CloudFront), 1.1 746f6e170e429fc94de6ac30e08ca30c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4, CMH68-P4
age
20622
x-amzn-requestid
67edbb82-5e20-4229-9cf7-9e84e2613ad9
x-amzn-trace-id
Root=1-64dde2d1-0618e68e3888ecd92aa0e699;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
JzBgxFF2joEFtdw=
content-length
30
x-amz-cf-id
5gK3db5eczRoa-u0q8RHboNtnMA9b603JkKxdZdxk8UQR5DDWJv0cg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
c3670b5549d0efd7a78caefd8f61fcbd39b7921dc8b
roseincome.com/6b5feb6b3/ 		2 KB
826 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://roseincome.com/6b5feb6b3/c3670b5549d0efd7a78caefd8f61fcbd39b7921dc8b
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
5b74a05f829160ff34d7bb8530e9a07669134357b6114cdb408977902130b3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Thu, 17 Aug 2023 14:49:03 GMT
x-buildnumber
969809724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
800
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
x-hostname
fen-hoothoot-us-central1-kd5m
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
view
securepubads.g.doubleclick.net/pcs/ Frame 09BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuti2ajSXWgvdt69JhNAiu3mIpcaVry-fYglZk2ZIxYJJuCw6QMaKHhUhoN3_3_kgS_yK1rILlD1vbK1bl8UIOUNPPQRiIsV5mEywOhH0YVgs-iN32iAJKCNmWan73L11Xh-hpd3hNHbZuXOyvcT0az9uekTPoR3-NErWN_TQ0Ot5FRw54lDoZ0I9VnnfbYRMnTjz_NOTEy_cH5JBVhiIwcRWp9ZQJUTzHRZpIHm3tscfIBWnG1e0ZSPeBqeHSPa0XIHH3EMu_HXRUBEeWzoVV8d8BZtQZUnNDC8zIJUPLX5JFky6_qj8SroIP3CCwpaQ_kkzEplb0F2GhWtf96pG942_bs4sZmDQELvPjpjQ&sai=AMfl-YT2l-NLe51_OoT1uDPdDkNaKNYQYc2co4dXicwcaqvejhI9ji5WncixliT9_QLF4_viarWlu4SOxJclSDwe_jW2OPRDpxu_jZ0S2A_Ta0hfIlaESrCipnwXc08JmmucL58y4RXXb0WMkhEEU0s&sig=Cg0ArKJSzMdHIxgozWXyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 14:49:03 GMT
learn
ae-gmtdmp.mookie1.com/t/v2/ 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_969251&src.rand=%5Btimestamp%5D
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.111.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.111.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
segment
api.permutive.com/clm/v1/ 		91 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
3c62ffb891f279e0bcc09f29aa6d17275f97f491ab8b94140bc8c78e4061061f

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91
content-type
application/json
ce28f932d65a08b5001c3a5bfd65d8e21ee436732f435f39d7f5
roseincome.com/ 		2 KB
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://roseincome.com/ce28f932d65a08b5001c3a5bfd65d8e21ee436732f435f39d7f5
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
9e145d8c98ae544d9f5e3aa54990795c88cbb01f0b8026d6b20203be3a6a0002
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Thu, 17 Aug 2023 14:49:03 GMT
x-buildnumber
969809724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
801
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
x-hostname
fen-hoothoot-us-central1-kd5m
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
crum
dsum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4zX8l3BI2lD4f.iBTJdgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0N5exhnY7O9J%2BWKS%2Biv%2FZj2aqhpFZQPWmCk4%2B1F5duzVWLtJkLIPOyrhmsiNcWPV9%2BLW4xN4oI2dL2xwSxEjfPG9qrpC0uHud0hZ63r4SrH2UjgXfzGSMN3RbEl2od%2BUmVat6hf7nyh8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8b4bdcda1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=847b7d9c-55d6-42cc-9691-075eba001ca9&expiration=1694875743&gdpr=0&gdpr_consent=
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=847b7d9c-55d6-42cc-9691-075eba001ca9&expiration=1694875743&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEN%2BV2xF4Ou7sgNws3YCthRURJtQHwAP%2Bnk4mNKLyla4p81jHvPmdDiCC40YxwG0t1RUrKFBa8MX6tuDVqgBz5b2qGPnMlWv9Lis0WGqIH4QBaOqt7Wd7%2BYP9vqY%2Fr727g2IPY5JUodjEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8b4adbea1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=847b7d9c-55d6-42cc-9691-075eba001ca9&expiration=1694875743&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame CC60 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN4zX8l3BI2lD4f-iBTJdgAABN4AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MPG7P66FDC3MQ882SD2Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4zX8l3BI2lD4f-iBTJdgAABN4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGyhz7ph35UVgYAK5_0bhh8&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGyhz7ph35UVgYAK5_0bhh8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5S5mbWk%2F%2FjaQgiG6ZfBjoYaqafAtn1lL%2ByJuxtWajPPYc0%2FwbaVxUqVLjVlaCuyCg7%2BTY4cBZqaER%2BFSagEXfZZzgf0xUj8BxCs4vhQFOOoJs5HRPcarONPr%2F7UBs%2BS5R7zD09sRF8Whpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8b4adbca1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGyhz7ph35UVgYAK5_0bhh8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8330000753667799435&gdpr=0&gdpr_consent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8330000753667799435&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCG6H3LOEbN72bVkOFV5IZRLfRAtXVEnADVAmlbv4CdAFUq2QxRBMm3IUBciEQg1NSft7Be81Yuk0nh6aukB99XVFpOZ9cDTs%2FAJYjEQMaKa8vU%2FmKMdm4Ztyq507xHqXbQ9kCVCdv0XGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8b53e7aa1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8330000753667799435&gdpr=0&gdpr_consent=
date
Thu, 17 Aug 2023 14:49:02 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsPyh7d6CsHcTznvUll6Um3JJVMlK0O4kM9vGxrd7jLZeFMGCnpGmDqqDh1uIRQulo0CDYt%2B%2FWQEantg%2BPL92nze1mdQMjM7Z5lwyUtppLZZabwkpE27qWR7uKVC8gn6HvIM48MDVbvd8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8b6881ca1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-2
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9da1b1c0-97d4-49a6-ba69-e2163e227e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9da1b1c0-97d4-49a6-ba69-e2163e227e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN27HPr%2B5zL3PfCZ1e5CLM7HAHEIBGFeggv2UUYsrhYe1ko0TjpCgyOu98AdBzfyvIrETido42G%2BIX7cm9GUvMavmji04pv8Er6J%2FwGRwrz%2BkZTdqmpbYPhDfjqJi0N587MbTK%2BIE6LkDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8f78c08a1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9da1b1c0-97d4-49a6-ba69-e2163e227e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 17 Aug 2023 14:49:14 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CC60
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACSYE7JvGcAACSJx0ka_g&expiration=1693493349
43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACSYE7JvGcAACSJx0ka_g&expiration=1693493349
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmrSiaUM4CsszHoU4Z87g9geBRLiemxtfnVHSgYao1Zo1wafP1nBEmug38tkvIhYgwMevegPMAXhic84O2vAJrNzzOGL8lERtO4l%2BLAfur8uflbl7gvtNonqZ8K4hk3UCTg6SeQtqORSfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8dd8a9da1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACSYE7JvGcAACSJx0ka_g&expiration=1693493349
Date
Thu, 17 Aug 2023 14:49:09 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame CC60 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZN4zX8l3BI2lD4f-iBTJdgAABN4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M8G0FNDYVQGV0S09W1TD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D899 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3680089329420990&correlator=4355674762105115&eid=31077070&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22272936144%2Ckooora%2Ckooora_web%2Chomepage%2Cinfinity_banner&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=9&didk=3943327767&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D19047f30dffc240c%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYDNBcSoTkoEMmhYuZw_es0f0gACQ&gpic=UID%3D00000d8bda3b6a35%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYYTi9jPKTaGvjsnBc3xGXaHLHWxQ&abxe=1&dt=1692283743433&lmt=1692308943&adxs=872&adys=1579&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kooora.com%2F&frm=20&vis=1&psz=1600x9366&msz=1600x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsn0a4q0sQ4J2sP8pi69JnGRDdaG55GkBzrwbCS8c1CzyLomHwaYwLIqq73BoaSEBu8taj5xL0T3rPRzDzIOEkTLlnSUCel4wrDTRDVRHGJG175Ti2k&ga_vid=157664921.1692283740&ga_sid=1692283741&ga_hid=921031175&ga_fc=true&dlt=1692283739445&idt=1870&prev_scp=amznbid%3D2%26amznp%3D2%26elid%3Dnbanner-dynamic%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26permutive%3D23620%252C29955%252C30033%252C30937%252C30940%252C31303%252C32849%252C32850%252C52048%252C59108%252C74931%252C97994%252C105703%252Cbscp%252Cbiuc%252Cbcpm%252Cbjbj%26novatiq_sgmnt_id%3D%26kooora_page%3DHomepage%26kooora_competition%3Dnull%26environment%3DProduction%26pp_id%3D2947f5d6-f8fd-416f-a328-5ab65493cfe1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26kooora_pagetype%3Dhomepage%26kooora_articleauthorname%3Dnull%26kooora_articleid%3Dnull%26kooora_articlepublishdate%3Dnull%26kooora_articletitle%3Dnull%26kooora_contentcategorylevel1%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26kooora_contenttype%3DPage%26kooora_country%3D__%26kooora_event%3Dnull%26kooora_forum%3Dnull%26kooora_isvideo%3Dtrue%26kooora_keywords%3Dnull%26kooora_match%3Dnull%26kooora_player%3Dnull%26kooora_searchterm%3Dnull%26kooora_sport%3Dnull%26kooora_team%3Dnull%26kooora_techtype%3DWeb%26kooora_videolength%3Dnull%26kooora_videotitle%3Dnull%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26prmtvctx%3Dbrwt%252Crts%26puid%3Dd913eb4c-45ba-4d64-aee4-1085e6759b84%26ptime%3D1692283741338%26prmtvsdk%3Dweb&adks=4033468256
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7813e41939ba82b321af54390f175b3e34c5042642d126c450c358e61050f049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20294
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3680089329420990&correlator=12173941979610&eid=31077070&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22272936144%2Ckooora%2Ckooora_web%2Chomepage%2Cinfinity_banner_2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=10&didk=3070620928&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D19047f30dffc240c%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYDNBcSoTkoEMmhYuZw_es0f0gACQ&gpic=UID%3D00000d8bda3b6a35%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYYTi9jPKTaGvjsnBc3xGXaHLHWxQ&abxe=1&dt=1692283743449&lmt=1692308943&adxs=872&adys=9784&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.kooora.com%2F&frm=20&vis=1&psz=1600x9366&msz=1600x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsn0a4q0sQ4J2sP8pi69JnGRDdaG55GkBzrwbCS8c1CzyLomHwaYwLIqq73BoaSEBu8taj5xL0T3rPRzDzIOEkTLlnSUCel4wrDTRDVRHGJG175Ti2k&ga_vid=157664921.1692283740&ga_sid=1692283741&ga_hid=921031175&ga_fc=true&dlt=1692283739445&idt=1870&prev_scp=amznbid%3D2%26amznp%3D2%26elid%3Dnbanner-dynamic2%26authd%3Dfalse%26display_type%3Dinit%26nobids%3Dtrue&cust_params=session-depth%3D0%26permutive%3D23620%252C29955%252C30033%252C30937%252C30940%252C31303%252C32849%252C32850%252C52048%252C59108%252C74931%252C97994%252C105703%252Cbscp%252Cbiuc%252Cbcpm%252Cbjbj%26novatiq_sgmnt_id%3D%26kooora_page%3DHomepage%26kooora_competition%3Dnull%26environment%3DProduction%26pp_id%3D2947f5d6-f8fd-416f-a328-5ab65493cfe1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26kooora_pagetype%3Dhomepage%26kooora_articleauthorname%3Dnull%26kooora_articleid%3Dnull%26kooora_articlepublishdate%3Dnull%26kooora_articletitle%3Dnull%26kooora_contentcategorylevel1%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26kooora_contenttype%3DPage%26kooora_country%3D__%26kooora_event%3Dnull%26kooora_forum%3Dnull%26kooora_isvideo%3Dtrue%26kooora_keywords%3Dnull%26kooora_match%3Dnull%26kooora_player%3Dnull%26kooora_searchterm%3Dnull%26kooora_sport%3Dnull%26kooora_team%3Dnull%26kooora_techtype%3DWeb%26kooora_videolength%3Dnull%26kooora_videotitle%3Dnull%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26prmtvctx%3Dbrwt%252Crts%26puid%3Dd913eb4c-45ba-4d64-aee4-1085e6759b84%26ptime%3D1692283741338%26prmtvsdk%3Dweb&adks=1150454476
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e6132743b7cd093506904400a829a15de0d6820432c24d2532d5da68afde66e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16280
x-xss-protection
0
google-lineitem-id
6316506943
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138434768463
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
x-cloud-trace-context
5b4e3797aedb32cd644fc3b3be21248c
activeview
pagead2.googlesyndication.com/pcs/ Frame 09BA 		0
0
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
f23dae2e68876e8977ac83ad1a1b28d5
access-control-allow-headers
Content-Type
content-length
43
container.html
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 720E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:01 GMT
expires
Fri, 16 Aug 2024 14:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
x-cloud-trace-context
e865704191cb98d9284bad2effb870ec
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
x-cloud-trace-context
d5b5ebace789d217cad091feb04b7962
view
securepubads.g.doubleclick.net/pcs/ Frame C481 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrc5BaYlcd-XMYm2VSeMeRwg8IeLvnX5KlI9Urw6FvvvRyeUGwPwJ5yFVOcjfhhyK0mf2T4g4LrzEEfmY5c_eBxSvO44E2FvPf9nrh_7sszTCSBP-XrkI-hIrj-G9qyhErhcPM41hWZrf9CJxNlW9qWFpesayjsacqGN1rx9TJRWxqj9Hutkp61YmD8YLzEz-1S1v1lDWX4ODpHun40mkaC9WBO9nzlMkGeoKl7RvbM14q-x0_BYdA3kG2zPdNQgkn2p15sXJIsSmNJg-VDAfAq88TPu-mqN416NemPivANJ2-kpPp-KT8CZYwa73YbRdWVUQYnqpVBtno5aWluyQCn060S5jKNoB1RdgLtE0&sai=AMfl-YQBmgNQ8Uevuemppi2AmpB81iYCB4VmM6UfAaEbvFPDLffl3FvMBvZJTRak3VdrcUyclYd8_QtvNgoLFJ9DSwz8QBsr9KP8QjY8yAvIOwC3QsGPPWOyf-OONwU_UA&sig=Cg0ArKJSzMWuVSUrcsZuEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame C481 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
391dddacbcfc534c5ee92050161cca7adffa50a4a27adf94abd3cfb4884c51ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28647
x-xss-protection
0
server
cafe
etag
698 / 19586 / m202308100101 / config-hash: 12093722524017253248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C481 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:03 GMT
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
7b6059ee5c6858777b8cebcd7c38a4ce
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
e8daeceba44f7395c259aa68c3569e65
access-control-allow-headers
Content-Type
content-length
43
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 18 Aug 2023 14:49:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1067 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjVs5LyATAB&v=APEucNWQQMKkdWeyz2ITZDH_qjue_22EXGj3r9Z3UW9bJc2hGEjjt9TQEhbqDTZa-1fENOpX0F62_O-5JDsDEmwzEDUOdE2giA
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 720E 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 720E 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwACtOT3s6zYRAXxzPvvjUtA8VbVuOUAEanwg5kTCdshoCq5pnGmD050FSLJqtrKkXiko4osSfhldy8fP9nxx6XdDGWYixUXGdf0ylA5-igtst2z4
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 720E 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4969778399087643565&x=1&ct=76
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 720E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 720E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
l
www.google.com/ads/measurement/ Frame 720E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc5R4ffMEJC_k3wj3Vt3dWS-YM3An-UC1k1BGVTUgL_cA1QwrXM4uVfEbA3qn7NB0BMuvzoIKLPFG5s6uXP26sZ3L_gQ
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 720E 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:03 GMT
pixel
protected-by.clarium.io/ Frame 720E 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_U1ZYcjYzY1VoV3JCUXhUM24yZFJYY0J6MWZVLzI4Mjg4MjA4ODI6NzI4eDkw&v=5&s=v31h81vhbcb&id=eyJkZnAiOnsiYWQiOjQ5OTUwMzM1MjgsImMiOm51bGwsImwiOjAsIm8iOjI4Mjg4MjA4ODIsIkEiOiIvMjIyNzI5MzYxNDQva29vb3JhL2tvb29yYV93ZWIvaG9tZXBhZ2UvdG9wX2Jhbm5lciIsInkiOjI2NDU1MywiY28iOjAsInMiOiJMZWFkZXJib2FyZCJ9fQ%3D%3D&cb=2090306&h=www.kooora.com&d=eyJ3aCI6IlUxWlljall6WTFWb1YzSkNVWGhVTTI0eVpGSllZMEo2TVdaVkx6STRNamc0TWpBNE9ESTZOekk0ZURrdyIsIndkIjp7Im8iOjI4Mjg4MjA4ODIsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.52.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-52-200.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame C481 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b52fae74fa35cc27a0acf9a38ac2b80cfc32556831789137ccaca20736dfe9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ Frame C481 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
1877
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 14:17:46 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C481 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=736805950079892&correlator=1957563165443228&eid=31076868%2C31061690&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=7229%3A22367575525%2CKooora%2CHomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=1&didk=4024717665&sfv=1-0-40&sc=1&cookie=ID%3D19047f30dffc240c%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYDNBcSoTkoEMmhYuZw_es0f0gACQ&gpic=UID%3D00000d8bda3b6a35%3AT%3D1692283741%3ART%3D1692283741%3AS%3DALNI_MYYTi9jPKTaGvjsnBc3xGXaHLHWxQ&abxe=1&dt=1692283743808&lmt=1692308943&adxs=149&adys=527&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=exme0aiow2em&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.kooora.com%2F&ref=https%3A%2F%2Fwww.kooora.com%2F&top=https%3A%2F%2Fwww.kooora.com%2F&frm=23&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=157664921.1692283740&ga_sid=1692283744&ga_hid=866686791&ga_fc=true&dlt=1692283743513&idt=267&ppid=2947f5d6-f8fd-416f-a328-5ab65493cfe1&prev_scp=platform%3Dweb%26pagename%3DHomepage%26environment%3DProduction%26articleID%3Dnull%26comp%3Dnull%26country%3D__%26keywords%3Dnull%26pos%3DMPU%26adslot%3DMPU%26match%3Dnull%26player%3Dnull%26topic%3D%2525D8%2525A7%2525D9%252584%2525D8%2525B1%2525D8%2525A6%2525D9%25258A%2525D8%2525B3%2525D9%25258A%2525D8%2525A9%26pt%3Dhomepage%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_data%3D1%26m_mv%3DdataAvailable%26team%3Dnull&adks=1210273051
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
88abf3ce1d1117bee245c6698532df3b4cc81dc6ecf78c50f71469c1785f04b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11689
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D4AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:03 GMT
expires
Fri, 16 Aug 2024 14:49:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
x-cloud-trace-context
b64ca325bcfcb30d20bd98bc40b24163
view
securepubads.g.doubleclick.net/pcs/ Frame 9467 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT7ykKGumRlzABp-PnDIdPr5y4psvbizo8i2Lv-TxYqE5O9AlYeOxebh6YUcmoyUn6b4aicw3zH3pJgdg9VPE-sxzrTscNsYpdbccQTQQCCQlpqkg7SlP0jU8tSP_8eKVmpMkfsX4zUHpQC8ivuNWZL1TdTUVIT9dSa-D42-gJh1xZXb-NZBWk5q6-zB_P-H6jvtpxR8ONSaMHFA3hsNXTyT8KvdtL3s9XJnE_sl4wIoFNkv0VrgPEGy6lQT6HqPm0Tl5YRz8GCPSM53xDH3urxHAzpFEs1WGnuEbyYOHAARomt8hYLhevYvWbXQYnQtwJv0vQfht8jB6tN7jMZYlmt1KgI6sjzq8qb9b-F1VGPy-4L-U0&sai=AMfl-YStrXuasEUzBFz-3Csag8Mj9EwzgPiEAp_p7HvEL7rTiycn9b4bdQKmFLKqnD1qH-dg8EFVp7Z5mV-P8GS49x1E_CWPzMYM0icN4ruypsiIBCSWwC5gYO1dYD3EYg&sig=Cg0ArKJSzK0BZ8HqJY9AEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 9467 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9467 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:03 GMT
9024086226585932256
tpc.googlesyndication.com/simgad/ Frame 9467 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9024086226585932256
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
defda983025f649ac01c60000be48a1e9f182aeabbbbba40dfde5b613c992c79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 02:28:49 GMT
x-content-type-options
nosniff
age
130814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18381
x-xss-protection
0
last-modified
Wed, 31 May 2023 15:38:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Aug 2024 02:28:49 GMT
l
www.google.com/ads/measurement/ Frame 9467 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjxPGn1teSAQA-LfHhH_RWTmck_oN09BNu253YbVDV2IiGZuW8gi5Z12T8vxSjQU8F2lfWmuUpGfuDsKs4wQFCCrd4eg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
ea57752cff3bb71df31ea53e521a9c38
access-control-allow-headers
Content-Type
content-length
43
container.html
36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 594C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:01 GMT
expires
Fri, 16 Aug 2024 14:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
x-cloud-trace-context
e9f01edf48e62a9898a83b6cc08e219c
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
d88a9ba483993e72d71912a9d9f6630c
access-control-allow-headers
Content-Type
content-length
43
truncated
/ Frame 9467 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3e75692cc89f4ee07cacd11bbbc63036118a399d58c36b4b2171bd68158b529

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
events
api.permutive.com/v2.0/batch/ 		201 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9536b903487cfcbd868844165c6283907a2c9dc59079cbb2d9fd16df8d83573c

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
ecm3
s.amazon-adsystem.com/ Frame 084C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=HKp5jPZH_l8WyPPsTz-RKbqb&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6WKCEMD6PGS3AAPK39SC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 084C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=8694686486495607686&gdpr=0&gdpr_consent=
43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=8694686486495607686&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:03 GMT
an-x-request-uuid
0281576b-7273-4802-8221-663f10e3d236
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=8694686486495607686&gdpr=0&gdpr_consent=
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 084C
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1692283743883&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=F06F4657B4DC41A98AF08A5C4D894A39
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=F06F4657B4DC41A98AF08A5C4D894A39
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 17 Aug 2023 14:49:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=F06F4657B4DC41A98AF08A5C4D894A39
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 16 Aug 2023 14:49:04 GMT
merge
ce.lijit.com/ Frame 084C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LLFA1NIG-Q-D1JW&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LLFA1NIG-Q-D1JW&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LLFA1NIG-Q-D1JW&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
merge
ce.lijit.com/ Frame 084C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://sync2.resetdigital.co/csync/bs?type=d&bidswitch_ssp_id=fmx&gdpr=0&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=0000010A798DB20C&expires=15&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=
Date
Thu, 17 Aug 2023 14:49:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 084C
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HKp5jPZH_l8WyPPsTz-RKbqb&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 17 Aug 2023 14:49:05 GMT
server
Aorta/20230816.bd034b287
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
37ea227bd25c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame C481 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmGiul_tqoFGqkW5VoKiQPK240zWkImh8WMz5IbSMQ4qnj0XWgmh3vyUzT-PyLmn4F_KcWkykl2QF4pKGtk9kU9WSMdc3At69z7iSN5p9pQM6ISoCVsE7OkxLPk9g3r0jQhMNnpyUqpttlQ4KiL9IS5iXbezNeKdNTLc24cQ0ruvsbhtrvl7LV3SrSKXytBVYwMRlPcImne_J3ichkXMCS78ijc2sYwZr-X4vtDuyZSgM9BmWMJvol8geFVMrVyJ79ro4LIOxy0Gu-zr5YAHJ66a5SAGq9G4UUboJS884Ch_rWWr04zBm-oF9efOYRoEOBjv_b8MzbQtqrqrLMEKviRtRgcweFbGWQXqiO-Fju3A&sai=AMfl-YQSkseEezmwMza9LBplvHfziMgCdsxJXpB-YoT17U6HuINPduBdbMnRh-FJ-3NtiP88UrpXbj7R-w1VyG3pMecDcb6cT0RMTAYJ5R3jDhpzTlvG9t4bBGK6Bogk_A&sig=Cg0ArKJSzL6UoRAWL6ErEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 14:49:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C481 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
3af5eb0a2aff5a7cc166af77088a4c1288bfbb3f9a1d8ac7e384c95768b98c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11784
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 594C 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Wed, 24 May 2023 18:59:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 17 Aug 2023 15:40:11 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 594C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
59572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13552
x-xss-protection
0
server
cafe
etag
17023098769855550506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:16:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 594C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 594C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
l
www.google.com/ads/measurement/ Frame 594C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0siDeAzOZLQORFO_sf9epPITvJdCksv_EZRLwrrL19KJRhOVt5G5AehUApX0tua7JbdvijKa8eS4c9zqVl8rCCznazw
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 594C 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 594C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
pixel
protected-by.clarium.io/ Frame 594C 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_U1ZYcjYzY1VoV3JCUXhUM24yZFJYY0J6MWZVLzI4Mjg4MjA4ODI6NzI4eDkw&v=5&s=v31h81vhbp1&id=eyJkZnAiOnsiYWQiOjQ5OTUwMzM1MjgsImMiOm51bGwsImwiOjAsIm8iOjI4Mjg4MjA4ODIsIkEiOiIvMjIyNzI5MzYxNDQva29vb3JhL2tvb29yYV93ZWIvaG9tZXBhZ2UvaW5maW5pdHlfYmFubmVyIiwieSI6MjY0NTUzLCJjbyI6MCwicyI6Im5iYW5uZXItZHluYW1pYyJ9fQ%3D%3D&cb=7062098&h=www.kooora.com&d=eyJ3aCI6IlUxWlljall6WTFWb1YzSkNVWGhVTTI0eVpGSllZMEo2TVdaVkx6STRNamc0TWpBNE9ESTZOekk0ZURrdyIsIndkIjp7Im8iOjI4Mjg4MjA4ODIsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.52.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-52-200.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9467 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoZHLH7qokD3aaokwHaGG6YJmaqXO9A7K-sqyaRUtvOiJcr0nTiV75QvrDsjqRpH59QJhQ57PyVNgZPeOan2YHVL--x9NDLV1owhgq-hrSkhlL-0U9HcGg4Z4HWJmxHn0HLwV2sFrP3px-eiZt8lSi-AtNrtcLqiCQY-C8W8esfuTGcHhImO5-1xj6mj3MFcvzwdV-Lx5LuzrxoqAmqES6bRIuZGL35uTQWgF32VVXjbRW2vcz5LitrRlmYL4k_0QWkzf1ciOINhhT_knlqVG1wwSmd9_ZdmUJM84mmhznNqERkDH7VbQZTr_07Z2Tan_Oy8cioCg8PDaT55IWoNku4S3CGbfn1qPvXLfk8wMHYzRbfy0qkhU&sai=AMfl-YSQX6bTgKb0B47nC-7g9StWO2PmVxKE2M89OyhpBz7io8Efw9tB_LUVBax7n5A4R_LZlzmpJGbHqDWUGjlOSFyVkTNZ_13iyiO4lbjP0j-O6Whkk3et2lm4p6qy8Q&sig=Cg0ArKJSzF9RMGwlzqXiEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 14:49:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C481 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 14:49:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 720E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=812111852920&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 720E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=812111852920&version=m202307240101&ct=76&x=1&cor=4969778399087644000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 720E 		88 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsV-ntqC1U3WIhJoUgJz-ULjmr1mD5a9wqkPdThOfDtO1nxQJZISoA68wDlfpy1hsVVwIPjIIEYman7vxefJVbnJGkNQ&cry=1&dbm_d=AKAmf-BKgs7Unq3YNc3Hfs7coVy-e0s6IgZqc1PPXaWtScBvEuUqVtaX-AQurwqL6logYvS_eD9V19Dy_LKD94_ru6SCRrOj8iP92s-0a4VkiXRtQSkuQiDsMahzOV__VSR6he7Fa3q5kzu5DCXMzzr0Slf7kmnxk97fmu6Y1jcVpwt4Ttaz7Ba-hPnlS-U_6hHMxGfTDzNUfulgWfKgJYur3IBaslnzV_58SgBO41JgPksiUWRgUW43Dyu2z_ktoWtAHZWFOg3bvuAw5CN32FeNLzoAKFUdTd_l1ca_zjQRV02KMb40q85qKbmdvLn0UnV2Wj7E5KbXkUyUdp7wqiEDZXlGMm8EnYZ5XdvdJ2KjSvpxt_PnZ3sR2eQQ_-TQ1-2OmdNsXcgcZnpVvESuUEKAmBkGbq3av3W1GP7ym4MTTc0pmo0PQBG8XFgpjN15j9PeRP20wxA5Wlj-KeHCp_Us-tsbgL3qMiutkNNeU4Zg5owH7MIZqDkLgxCGoUw53i0Z9w4hPCx_-Y0Bgq78pTJ7Ef0AQpiToX-QLDs49ayyZC9-guXCmDV_jO7ExaweXVzOs5cor32k98O4S1rDgQJ8GNlx2G7T2I00oLwxYf9BpV42CKPFLRCGQi_mp6dGciS0C-qdGZvhSeRAv6xRHm3t3xB0VVaou4lqtnYIDraqKu29vb63becJZ6nF_TUuRdDeZ8VKyi3_lDNo4y_SAmtcIJqMKKT3kH6PiG3OxFXHJd_VDlMR3SnJBxsM6Go6Jld5mRZHZ_UdjysuRm3IMqumHS_4JKsPFRVyrQQ0-Fy5NvnjZlcvsXNodnKG8CH7IsZRRwGRJacBZ7fG3oJyOMEBWUX5DgM3wZhyBC9OfO9mevn2F1VubTzlhUHQzfNAihSwxCDEG3ilWb_sXOCk0qtWGwpd7tC5RirfmOnofCnkMP3lb8t3-5ujzw4f1Z1R6O6HImqHgMKOb4yZtUAllob8sCq80tSFXbNveGbnSa2R2Uc1-uAbOLds8ABnd05Zu2od_WKaco6KQugcUftMCOtXz0WscJHuHrEKgsw5W8fpn0SeF6h229EZioFjWnJLRw9voyqrazobVKeKDdoHP72uIM7QUgEz02aAjdB79pzzML_DVf21E3f6aiMcikw_gs6_95dSIO-bwuoixpiNxlRK-WR5pZKWBsRpV2JUkJ17eS8SIkTFL0EEtphi_wlJFSWnBJlirT9t8rT-QytfuU1QY9dFZJYudHuEkergQ0ipWljEz-1dUJeJkKtU3NhmdAlrw1g3BV9xb-g0887pNgVznK4u-c7fh1B9mZNC_KgL8ZFDAxdvrzYzuM97g9we247fHF1wI2MhCNrfYIXh7BjCAx2YzbUVNPmDzLu5yXJ1_EOqZWkvTQ45CDx-vjufpbn3GJro0ITf9YwXEB4kTGsvauzb3iOPs4IUWNwtBoYxmTL5keYEGoy95DsDZUmQD42ItS2VvJObiAv_pTuNDHc4stQov3ydAgGUccmD6jMaYjKR2ZTtcq6gB9Z1uJ47Xioz74oijjgM5dB8OmyMEj4aC3gCzuazQ4NIZKNWPf05-gm4c9A1thyJEIAexg-grk9_GYVXrB_lbaf6_SgDmwdjEvkQ0gR394Qp8gxV01gDFf9DPn_ym3Dp6Jh2wx8yQz6PCuyV25LRZq2FK4ykyIbf7kd4TbJnAh-GpZJP82Darl0bv3AudMEz6lZz0AuKpDQqaD0lOipAN8g4Y0iBh0eCWFkOS3o3pSiLvXp9r8BGz5NzZOOo8n5YV7F90_fdNsYXKbahKPK9aUXtdz6GwUztjYO2RXNb-EW5Mj84Uff_RoPHUwYOtMNj5xbgGY5Zr3G_P3bRGSDJU5LHcXrRA0EMAhsX6x8ZdNN5WBBpUmXQiiEOCek6sPZrsYJGAiS29wXJTEhcX4swp98RNLeqydBxZZaqYiMivKtfuAbwM4DrjipuGa53nWutrBCqJj7FHc4vk_PxIUQF4ZyanxeJmyRT51zaf8JPPOz-ZbS--NfnR5JjrMivs4kGkm08IVP4Jljg8y4mzom-p9rXUOP4u9M2TUWOT1Ru1e9nWhFQSrdys2uWXCYOqXmsjH7ZGcDJRuRcLlzgvWaoG50Sho7yp9BHXJ8pP9AG1measutUtaKWyJCNztX2Cd1qj9lMP1A9ZgFirH8JmR_CmkXaa9LySUTBViakfLRpxxjh5nYN9t1QVKFMi_EEe-QYhORyx05BSapFq6HcoplGkCn8Pzb0smZ38VTOoZYm2pyfX10_yDRSQmf1NxaC0r_IgUA_i9m4QtWaF3HiFJto4LMd9NgDTkjf9UNb8EFz6lnLfSX0TPMT9gqKkxVil0jqUsI5uAOXySE1kLtQ4U-MXAmBPOVgcpTEu4ykDSaSA7Lb5xG0q4sff7SXchmanpItAgmz0cB2i1p0GCNkG5eL2rrXi_OSnGz63AnbaDtRTIfN8UrIPDjIio7CpKjApe_UUnKDGsinRX91zUUoDvXULBdEAKzbisDGZ3jGUFL4BiHImrwGtqslYYgmSf-HZUXENlVM30mo5kCUbA4w2ak_oddwv_SAVEnuUzR5D0dxDEp0YMW_GlAZKY8FZ9S41ItTVZGqxYhU6Vyvld_GwYQQrRkp7S8nclVFnBX9yej1smuUcrNb3CcLccIFC2oc4zAcwGJ3oe494bpkweQwZP-GKwcwz02QzLP8Amd_UgvHkwtTklHEe21KNJqLNyXoupkNbLN5nR9CIgtM0Rfa24i8DXV-4-fj65uDUClZzFLIMA8jK3PuVht0hVZhGlD2kqm_oWNnm16VHnmE2n78-ff38IKeC_6nF2RICLjMpPaSNXRMsQYHrArPksolPP7-HHmdKE02HZcMdr_lL8Z_LG58ghl31Y4CCMU8IxW3rlZna3zjCa7NMfpDnLDfDIYLufR65Hv-6PVXaobTzXCd-_akZ-kIDVpvUxLQ9fc99MsrDjKjyXS9lS8B2CBauNcW369dEdrfM_JsdqY0a1nnrLAXSqduy-4eQLog5so8wVW64AEIF8eCUHfZepo1AtxhAD8WfJlKK51yFegzyWioJBFKh66aKrfAmci25yjijqOtUOgPAYh8HvtJP3uPIhDfJfCmxmQdr_zX6RookxQ1hzCMoGJm0Tyv_6Eqc_R5Og-jXN2HlPXvfDh6sHoi1hfGdOxuY_seam_wQ0xi4vm7baIfRtPE_I5HMeJUnax45IxP5RBKLCW_C-26mEpItwMqF5GFMumZdR5PE7H63yjxQ4NDOhio5UJC1TZSVpR0bI324n1tyaeDaYO-S9Qj5Xvcka1Kg2J2zfoa8hF5-am36X6XWfxvqpBUOoIhlG6KkveqXagE2LrZ-e2mO4xqrsgHfl_mPMjnqhGHtvolTM1LocaeOJgAb5_IYUTm8oXLhzp1GKboodEztwkIogo3o26eqWc2Y43yMqFluR3GpsIRWnxRiZ98P1QTGjXetL1uMRsdOKqGPWigiizrSRjJaQ9-trKLkRPr4val0CJksYhimp1dg84C6OnWmMlxXE0FoUefbxdb_RRIfo2IaDs_9_MqexD0qs0huBthwAx2LdYRxL1N7mgMDkfT11lpZVPYjvZYnzB6dqtBIGDX7_aAPVkcZb7jRFtVomqDy4hGnHXDJJow2mCduW3xxWwRxPZ81coixp2b_yQJmTESsJ-uXeRSoOgl1GBnJhpdAxedicUoj8dFRgatfGsQzMXtJIxBUDX9wzCRpzrQ4XFDqcDSTVjeTQGl-HfQVEcWOKScDj8-2MX7SgyxSoJnGQ_68Zkb-UqHmFtvF1TGaAUv3p2HUIuxJClBeN5Em4ljPzol3ZUocpdiAIjk5t1stw4KWCjp5YqNYjn7jIoM2XqZ6dR_yFpcE7Qmx479YkWkCNXYOI7IDd_RcH0zcGDfUmL0v-ndepgcKA&cid=CAQSOwBpAlJWdml5ZpYDkpm-6cxg_81jjsmyzo1LifDwHjnxUAuEv_u4Qt4ojuJVrPOxVt8f3mt6DXaJLYoJGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.kooora.com%2F&ds=l&xdt=1&iif=1&cor=4969778399087644000&adk=3944675600&idt=402&cac=0&dtd=115
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d5776b9cf791151a2e89bae2e3f299f0c448f742bad1652d358af6e79fe7eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v96.js
www.googletagservices.com/dcm/ Frame 594C 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v96.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 00:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20157
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 00:58:31 GMT
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8694686486495607686
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8694686486495607686
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:04 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
an-x-request-uuid
6b2c3592-4396-4afe-94fe-9e305d9897fe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8694686486495607686
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&gdpr=&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=25eb8aba-fd6b-4643-b4cb-d725fb46b102
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=25eb8aba-fd6b-4643-b4cb-d725fb46b102
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9f9b89f6-f844-4df7-b6ae-f47ff35a9ce5&user_group=1&ssp=gumgum2&bsw_param=25eb8aba-fd6b-4643-b4cb-d725fb46b102
  • https://usersync.gumgum.com/usersync?b=bsw&i=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 17 Aug 2023 14:49:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame EA9D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28y1SCUtKzdMY2MyIuUSzW_0y-vLdcMfg8ulYBqm9RBpyNRVXYSFSpyAV7-3R215Q1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&obuid=ENC(y1SCUtKzdMY2MyIuUSzW_0y-vLdcMfg8ulYBqm9RBpyNRVXYSFSpyAV7-3R215Q1)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
  • https://sync.outbrain.com/cookie-sync?initiator=%24initiator&p=opera&uid=OPU7e63d4cd251d4d249033d87836485c8d
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?initiator=%24initiator&p=opera&uid=OPU7e63d4cd251d4d249033d87836485c8d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:09 GMT
Cache-Control
no-cache
X-TraceId
8d84c6c3ad52f9df0aac4ec7432e6cc8
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://sync.outbrain.com/cookie-sync?initiator=%24initiator&p=opera&uid=OPU7e63d4cd251d4d249033d87836485c8d
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
139
expires
Mon, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=582dcc26-0880-4600-89ec-ac3d3d050ef3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=582dcc26-0880-4600-89ec-ac3d3d050ef3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=582dcc26-0880-4600-89ec-ac3d3d050ef3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-391fe9b7-4ca7-5281-4137-3275de30c3f7$ip$37.19.212.248
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-391fe9b7-4ca7-5281-4137-3275de30c3f7$ip$37.19.212.248
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-391fe9b7-4ca7-5281-4137-3275de30c3f7$ip$37.19.212.248
Date
Thu, 17 Aug 2023 14:49:13 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-XuR1xFpE2pc9H.Y1NA1dB0lvrM5Y5p79ZROl~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-XuR1xFpE2pc9H.Y1NA1dB0lvrM5Y5p79ZROl~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 14:49:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-XuR1xFpE2pc9H.Y1NA1dB0lvrM5Y5p79ZROl~A
content-length
0
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=928641cd-7707-4ba1-9b28-bb069a191031
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=928641cd-7707-4ba1-9b28-bb069a191031
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=928641cd-7707-4ba1-9b28-bb069a191031
Date
Thu, 17 Aug 2023 14:49:12 GMT
Connection
keep-alive
X-CI-RTID
00578c71-7103-4ce4-a081-d4d94468e5d1
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DD5AF2D73E6304AE3B0EC92DB81B208D2%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=D5AF2D73E6304AE3B0EC92DB81B208D2&att=1&pid=82&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D&uid=ZN4zX8l3BI2lD4f...
  • https://usersync.gumgum.com/usersync?b=snc&i=5F59504996924B16A617F7F0FD30CB04
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=5F59504996924B16A617F7F0FD30CB04
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 14:49:10 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=5F59504996924B16A617F7F0FD30CB04
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
585571394
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame EA9D 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 14:49:12 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=X366S8IVS225EEFwgfJa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMDGNRWKM4ESVSTGIZDKRKFIZ3WOZSKME
  • https://usersync.gumgum.com/usersync?b=zem&i=X366S8IVS225EEFwgfJa
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=X366S8IVS225EEFwgfJa
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:08 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=X366S8IVS225EEFwgfJa
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=640ab08d-f0a8-4d4c-a0d5-6e7b56ce551a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=640ab08d-f0a8-4d4c-a0d5-6e7b56ce551a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=640ab08d-f0a8-4d4c-a0d5-6e7b56ce551a
access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=A4xpGIB3vnmN&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=A4xpGIB3vnmN&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=A4xpGIB3vnmN&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-ktjhm
expires
-1
usersync
usersync.gumgum.com/ Frame EA9D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8330000753667799435
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8330000753667799435
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8330000753667799435
date
Thu, 17 Aug 2023 14:49:05 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame EA9D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A2BVNDERMFAEXYRNHQC5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:06 GMT
server
Google Frontend
x-cloud-trace-context
61000605cd0632881eca0ecda3dae83a
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:06 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
355f97ce87331468224a990dc7930f8d
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:06 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
cfdee8857932763f11380fc9109d8588
access-control-allow-headers
Content-Type
content-length
43
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:04 GMT
server
Google Frontend
x-cloud-trace-context
96642caf93d5cc7d4041fa1e58d88f0c
usersync
usersync.gumgum.com/ Frame D131
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN4zYwAAADl7zgBV
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN4zYwAAADl7zgBV&gdpr=&gdpr_consent=&_test=ZN4zYwAAADl7zgBV
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZN4zYwAAADl7zgBV&gdpr=&gdpr_consent=&_test=ZN4zYwAAADl7zgBV
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:07 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 17 Aug 2023 14:49:07 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZN4zYwAAADl7zgBV&gdpr=&gdpr_consent=&_test=ZN4zYwAAADl7zgBV
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4521-YYZ
x-timer
S1692283747.411505,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 594D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9mMzdlZjdhOS00ZmVkLTQyNjQtOThmZC02MmIyODE3ZThhM2I=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 70B3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=79189
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 14:49:09 GMT
expires
Fri, 18 Aug 2023 12:48:58 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame D443
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=847b7d9c-55d6-42cc-9691-075eba001ca9
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=847b7d9c-55d6-42cc-9691-075eba001ca9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 17 Aug 2023 14:49:04 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=847b7d9c-55d6-42cc-9691-075eba001ca9
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 695B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4zZ8Co8YAAAGxBvH4AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZN4zZ8Co8YAAAGxBvH4AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 14:49:11 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZN4zZ8Co8YAAAGxBvH4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
5
X-SO-Cluster-ID
0
X-SO-HostName
m-ad377.dc4p.scaleout.jp
X-SO-IP
37.19.212.248
X-SO-Key
ZN4zZ8Co8YAAAGxBvH4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"37.19.212.248","key":"ZN4zZ8Co8YAAAGxBvH4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad377"}
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad377
gumgum
cs.admanmedia.com/sync/ Frame CD2C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 17 Aug 2023 14:49:05 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usermatchredir
ssum-sec.casalemedia.com/ Frame 2BDA 		43 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f82b8ba1d18a1ea-YYZ
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 14:49:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGdloLKsnuPbyT5qppYpsK83BZmikFRs%2B49Hg1M76EOBIOVHb0gSGYQijieUXnuQLtHnS4CiGPaEk%2Fk4j2oVtTVuEZ27KmDfMJabrCD1l8z8NIyU%2FlJ4U4ogp%2B%2B8qNl17dq982AlmFnG0A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame AF63
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=7DTiB4Hi0bCV8S6dItDd&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=7DTiB4Hi0bCV8S6dItDd&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 17 Aug 2023 14:49:04 GMT Thu, 17 Aug 2023 14:49:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=7DTiB4Hi0bCV8S6dItDd&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 414D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 14:49:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 14:49:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AB8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
74204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:12:20 GMT
expires
Thu, 15 Aug 2024 18:12:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A8F1 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f4.1e100.net
Software
GSE /
Resource Hash
49bad7103c94bb5778929dfb5c12ab2cf31d169e37dc97562491d1de96b52a35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PMq07Ss8QIfbYWfk6OIfhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-PMq07Ss8QIfbYWfk6OIfhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:04 GMT
expires
Thu, 17 Aug 2023 14:49:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNC...
ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/ Frame 7631 		61 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.6 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
cafe /
Resource Hash
58044c1a27123a153fa1dba2b275c3fe7d54910dba92829c77f96070a481f715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
28717
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:03 GMT
expires
Fri, 16 Aug 2024 14:49:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F5A3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
32045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 05:54:59 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 05:54:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 594C 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de0e5de5fa5685d991a17b34dc53a96b74946e98f3ede26fda758ac5ff7e0c18

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
11690476526365389490
s0.2mdn.net/simgad/ Frame 7631 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11690476526365389490
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
c6683a93750ac98079894bf5e388a2bd5dd0233ed6a8a3b9bbcbf646182d33de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:08:51 GMT
x-content-type-options
nosniff
age
121213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59633
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 19:07:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 05:08:51 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/xfa/ Frame 7631 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
b9f1f334eb1e6c08aac717173cbf89930c1166459e7b82fabb07c0fdca2442eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
59330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4269
x-xss-protection
0
server
cafe
etag
15948555402759810793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:20:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 7631 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
59453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:18:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7E0F 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjvspLyATAB&v=APEucNW-Cv3XoYwJXLVgWx5r0ol0jWkWOCy-9XCknvz8Pdtg64xrYKbu9QTL45mxgr_zpTq4WwRzz_YNRDqDtSUzJnqtAyK73w
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 49C9 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4eVtqUBLH8app7tciJy65pw1KUttfdE6un2BbY-cw_PdQRb6ej_IinE3qqEl65FeexSyc-EZXFqqQ8xzbrpCAd12IwMc22rkCwhdvC1amz6rL-Wc
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5514293255710981877&x=1&ct=76
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 49C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 49C9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
59672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:32 GMT
l
www.google.com/ads/measurement/ Frame 49C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDW76hRX4Zt-6HMrnxTtpERHTr8lJEvdk8QquJA0XNipwXNxxyixblVTqeuihl42NaTsjYLmUIG9nPfBG4bSNDxwa_8A
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 49C9 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7631 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7631 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc9Trt8X_9U9rbPFj_8a8omI0p4AaFlnbgKQFRpCiaEOgFtMT2xXL1i_reDwH4jOTYhvYQlMn-hbw_aG_1HBVF2uZP3zZs70Sc-CwxD9gff0qh5F06mhW226O5E5TaxNpzqPCulVVCYZ8XK9tyQ_jZTKy9XsALXIkb5g&sai=AMfl-YQKFhh99Jgvshnlau_aA9OmSfIWI0DB71aBgstlLuT9GTcYSiMmp2LrmZ0yuYxg3wAaLCjDm4SyAeG6Op7ctK669XqkGwZL4Ca14A&sig=Cg0ArKJSzP-XKC1xMKcPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230815.29112&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 14:49:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7631 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 15:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
84412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 15:22:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A8F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=736805950079892&rc=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame F5A3
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEGUFm-lbpTPUzDN3k6hf2IA&google_cver=1&google_push=AXcoOmQ3Uz73lW1gG2dl8jZjbUfRqNctTiTMCVTAm_BbK29QaenrXWvBrE4yrD5GOY5vD_ub5uOn3_lb2Bas075n772DxkZIhd3x
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ3Uz73lW1gG2dl8jZjbUfRqNctTiTMCVTAm_BbK29QaenrXWvBrE4yrD5GOY5vD_ub5uOn3_lb2Bas075n772DxkZIhd3x&google_hm=UjM1Q0E5XzEwNzhF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ3Uz73lW1gG2dl8jZjbUfRqNctTiTMCVTAm_BbK29QaenrXWvBrE4yrD5GOY5vD_ub5uOn3_lb2Bas075n772DxkZIhd3x&google_hm=UjM1Q0E5XzEwNzhFNDcyMl8xRDU1OTI2QQ%3D%3D
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ3Uz73lW1gG2dl8jZjbUfRqNctTiTMCVTAm_BbK29QaenrXWvBrE4yrD5GOY5vD_ub5uOn3_lb2Bas075n772DxkZIhd3x&google_hm=UjM1Q0E5XzEwNzhFNDcyMl8xRDU1OTI2QQ%3D%3D
Date
Thu, 17 Aug 2023 14:49:04 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-375288544; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
346
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame F5A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENWs_Sfai4Ah7a3n9kSnqnM&google_cver=1&google_push=AXcoOmQc6LQEotOo4vuShj_-97nYLyRGLm_TQVQiXRZavBthein7-6DX5TgeWY7n9ja_AEheAe8Glir-NseEj8x67e...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ODQ3YjdkOWMtNTVkNi00MmNjLTk2OTEtMDc1ZWJhMDAxY2E5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=847b7d9c-55d6-42cc-9691-075eba001ca9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ODQ3YjdkOWMtNTVkNi00MmNjLTk2OTEtMDc1ZWJhMDAxY2E5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=847b7d9c-55d6-42cc-9691-075eba001ca9
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ODQ3YjdkOWMtNTVkNi00MmNjLTk2OTEtMDc1ZWJhMDAxY2E5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=847b7d9c-55d6-42cc-9691-075eba001ca9
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame F5A3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB2QWn6...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkwMDQ1ODA3MjI5OTI5Mzg2NA&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB2QW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkwMDQ1ODA3MjI5OTI5Mzg2NA&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB2QWn6rxpvWWWalbpSTfogTYQ
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkwMDQ1ODA3MjI5OTI5Mzg2NA&google_push=AXcoOmSnY2OQAapjU9u1AzSxDkCH1YxX1sr6BXB_whZlDiTZcoJRxjxTsBeQ1-Wo2gUl6vaySrB2QWn6rxpvWWWalbpSTfogTYQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F5A3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_cver=1&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8CRqHa74eTVygz6q&google_hm=NmZwM2V6QmlieHE1cVMz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8CRqHa74eTVygz6q&google_hm=NmZwM2V6QmlieHE1cVMzSzk5Rko=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:07 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSl_Y_W5uLSz7CuxGUUQQ7ntZjtDGKgbEdEz1ane5egKITqhbVPynNqGQUkimdJAb6z297YPvw0r5Iv8CRqHa74eTVygz6q&google_hm=NmZwM2V6QmlieHE1cVMzSzk5Rko=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5A3
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRITvNut1s5eTjMH0VZ0RuiDYFbwdu01ZEn3NaNZnmoXQOGxNJLMfEGm9bHQ9H7RF0ta4ekLnPOOr...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRITvNut1s5eTjMH0VZ0RuiDYFbwdu01ZEn3NaNZnmoXQOGxNJLMfEGm9bHQ9H7RF0ta4ekLnPOOrtWvC8U8CGSq8eD4PRM&google_hm=2b06780c-1301-4f94-a0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRITvNut1s5eTjMH0VZ0RuiDYFbwdu01ZEn3NaNZnmoXQOGxNJLMfEGm9bHQ9H7RF0ta4ekLnPOOrtWvC8U8CGSq8eD4PRM&google_hm=2b06780c-1301-4f94-a05e-62f8319ca4e8
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-204
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRITvNut1s5eTjMH0VZ0RuiDYFbwdu01ZEn3NaNZnmoXQOGxNJLMfEGm9bHQ9H7RF0ta4ekLnPOOrtWvC8U8CGSq8eD4PRM&google_hm=2b06780c-1301-4f94-a05e-62f8319ca4e8
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5A3
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEIM1K-DgPfga-2XfSFhIXqo&google_cver=1&google_push=AXcoOmSCv8OqE_keoGuv_3uwdBntLEXj_AokDAyUuZ5AAH_t0A6eBHgEYfmKYSyTeaEQuTsGPSutQqigTSwENIkjrFV9367...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTk5NzIyZGY3MjdkNGZjNTlkNzkwM2NmMmIyMzI5NWE%3D&UIDF=CAESEIM1K-DgPfga-2XfSFhIXqo&google_cver=1&google_push=AXcoOmSCv8OqE_keoGuv_3uwdBnt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTk5NzIyZGY3MjdkNGZjNTlkNzkwM2NmMmIyMzI5NWE%3D&UIDF=CAESEIM1K-DgPfga-2XfSFhIXqo&google_cver=1&google_push=AXcoOmSCv8OqE_keoGuv_3uwdBntLEXj_AokDAyUuZ5AAH_t0A6eBHgEYfmKYSyTeaEQuTsGPSutQqigTSwENIkjrFV9367LPCYt
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZTk5NzIyZGY3MjdkNGZjNTlkNzkwM2NmMmIyMzI5NWE%3D&UIDF=CAESEIM1K-DgPfga-2XfSFhIXqo&google_cver=1&google_push=AXcoOmSCv8OqE_keoGuv_3uwdBntLEXj_AokDAyUuZ5AAH_t0A6eBHgEYfmKYSyTeaEQuTsGPSutQqigTSwENIkjrFV9367LPCYt
date
Thu, 17 Aug 2023 14:49:06 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame F5A3
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPJ5wu1X2...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=25eb8aba-fd6b-4643-b4cb-d725fb46b102&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=25eb8aba-fd6b-4643-b4cb-d725fb46b102&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=25eb8aba-fd6b-4643-b4cb-d725fb46b102&%%GOOGLE_PUSH_PAIR%%
Date
Thu, 17 Aug 2023 14:49:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame F5A3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JY8lGqluZrH4e1dRdmBcgzBVPO8Rjg6kv_YxR0Pl0no64QIJpxiQ1CLiJi5qSuvrlHlblZnQ
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
segment
api.permutive.com/clm/v1/ 		91 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
3c62ffb891f279e0bcc09f29aa6d17275f97f491ab8b94140bc8c78e4061061f

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91
content-type
application/json
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 6AB8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7631 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
baf534ce6c637a036328320f63530323cda04575df5320a2ea008790194efb85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5671
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2EC9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
132742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 01:56:42 GMT
expires
Thu, 15 Aug 2024 01:56:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6746548046737&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6746548046737&version=m202307240101&ct=76&x=1&cor=5514293255710982000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 49C9 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cae_-gRp76UYSfxA1l2BFsj667AGiYWpbyJZhaYwGJw6lVpBQYv60QysyUSkDOBbwe43lIZClxSHjjAFa6iF4SE-y7JQ&cry=1&dbm_d=AKAmf-ABrULeeMeNG6VioES4EZ2iFNwMd0AXXcYNVh4RJ3b9t-wCgGYVmDRsP_M1hF9nRtaTM9gJabKBd72afiQKSm0hJm_VKNdDc0NpxQKpwFscKs1ObBars8o9UKTIxrlP3XomAvWk0J37oYA3ugW-NEZ2qaXLknDHIkPeUSWlGf-IzHTIw-7uWeYCU1uMzjrDBeIQ-au3EAYxzzJMkjBK8F_Gt0-ABEZVIO9WZKdeS0g6lzloALMNW2i0tLAVkXgW4iCa6Fkz6mWNKyNrdPQyiGjLQbiUHHIz1q725_K5dmZ4N5SUhDCdIpp-W-MfAtaxtf8_YmgNKViw6aLYza9iDwtoRNd2o8LOwsJYHGlhhzhzOk_gqKu03fIeIHSzpoqDg4IAsZeGPK5PdsGbcEN_ylIqfLltnSfZyZng2E8HwWz9vlnoD6bw9UORMEqqGNW91yA5g2g9JByYp1tocf4yOE2Xke93YGmSiz4dl_JSUfZcsru4JrxsOtTzWGp6xKK9seO7JI4eGR3PhQUINhPw62Mb2fgxPMluMYtIh23EbdT7iZGRje3fESrNH6DljE0H7YFyB8fJ781Rz7KdFjzuuruMspc7JGex24OAA-uBmnjHqDCm7tz7gkXmS7bEB306mrKhP9MpsFfIM-g-UA3QvCXnHNrAdn7el79WN-a-zqzzSXIss9J-Stn8K6z9W7Dm39YawbhlMLdpL3VDzHq6DVPCdcu_UNy_CNThmb_BPO0GcjPDJJWfYvwlHz4hOI01IQAV6UxxQ87v7ZuazmianXkX249tTbusE2CZqW7FX0ySQgzeelCR5ltG5nkT-13Lg_uCD1RfHmch_v-pbHvRNtzfNFMZ_qSd19QqHFkPpucL0GuX577jpbIcvZJwxcB1_4U2gepHSBAdjpLeLNzPsmLtB5QaavSTgksqn0B-KY_TAuOPb1F3XQCe9pI5Rt7n6tNvJ6APXlqeYQVWNotg7ia-Rjv82DlZv-7Hruy5JQw6HZnoRXSj165CMp9IdMaaXL4FPYQVBAnu069nB4R8bWizgQysf2uMiao9pIfItz1qM2CtdWYDgYLufMeMxOryrsT4DyOYRjVUEsmeFNrh1oFBJ1G3hpc58FXJ0qOyrwuRhZ-i8-fZewoVnjUTBDgfxd8Mc6niAG4U76FFWdZJfVT6AWv4mxT3A73hw-Xq4cYqzx54mXJDKpdjWCzxotaER4BbUGF3e4tks2qRdY42eb7nEFXKly1G2BJJ2XUjFYK38X83bauNHvV4TsAs03ACEsz0z-Qgtu9tZq5ERZbGxwO3BGk-WMFbgyijzm06HKcWUqZvRRwQhkzKiiwG9lkLabmDc38pkMSVRWxH_OVSRS72-0stHcuTqzgLkebll_YoxZvbLLZiBJdTo42eOgT29X0UpVYjYecULnoL0m1aPvWEs9CVVRuMr6x9Thv_FZ11GQL7YGjp6EHfFv_dzmVi40FvPX0SHE4ilcbIuCm6C4ZalsJAIefYZkwYX-ZIH7iChWpLHHi3iS7PLVIRwlA9SFeMkp4wAk6JKcb0vkavd69M6uz_NLWtCaYgBe8v_jTg1irtwjuYbGf7dgRIykDLY3vt6I0N7EWWmFkGfi4iji4lsPPmA8XajBtWIi0Inp0vXX1tiJ7y8Nu73FMtNepI_xAx_xBslPI_-OlDbquAOSmICme3jAGlGp-diUaZcKDteCMmV0bifWNbI9Wgw5wINo0PGeJ2T_xcBhRMmocJgivBjTSq8TMRpP1Rl9wETgcHwqbXh56WbD0YwnI0qFXWboXG96nKz1I6Md6rjtgD9zpXj8Ekgo8fjPcs8gtJEiGKej9CC134u9VmGJyLxANAJ-XVztVpbZSGzSmp8iC4Oka4sgFH3Q1AnENBfAUQ2WbqBpfLJtJg-MaLx2PXk4TetNwRI26gC6fgE5bEeEFZoO5vhECSIHkBIyjognhW6eWTP4dJ2PT2K-kO7Pmg4YkQxdmj_xFZEmrPzgLTGmx5hsosyEtxFH_hB_Se_D3wI8tpMRTZp72ARFcnqD2L2BD_U9ftAXOFN5fH-qh3hRqps8hyqOtfafKntkowb7j1Y9oLAnEkmvkcGz97BqXe088tfJjtpN0CJFKTZZmLGiulAy04UnJPZc357xvpzGtWOkzdEZT81EFOEVv44sYqW5freIpi9LQKvl4j59P2RcPWCTpHk22M8KQzQxMHm8YzrGtgKKjwXT0C2jP-SNccA3u4lfKi3kkiuNXXkwxey1uaFFKGTyDJxj-ze_kKM_a3lYbnOJ-HL_N0eHTh3P_jQUW0WurDudzzgouw5IsP6JhMMSc_t9RcMhk0m26fn5vikxvmcAkWqeXvDiyxW4YvGGgsCDCglIlbDPB5TAlx3m3BCG_wOetRuFk6UZXERe_iC52WfYc70q1EsdYjAPyPi7AAHGUKxl1mPuogY5lSYHn3WDyW4IH_ProVL8UMeDThG6A0Q0HpyhLd13acp-XthECJ7o-bVQ-juifeYrz5e8Rs_-y9-S5YE_bOxgJWBGtai3N1KfWLFw8TCF94cQHPHv4DrmCUX019XiokgkZTT4JlsIalpYFvxD-_nACuvY3z_YMSq1eXAI-KG-8Uw-9UNCl8xVgsJdDSA_pSK44iV4IImTLnDJH_k0UBlD7f5iSmoDq5XrdebN0DNvArHKWHC2PGkQU1GiUIgynTEM6QaJOtriL-b1Q7B-cvoRwVC3Wn2_unqbDpmPNBJ4bvWH5QvFMjZC3yd-zj75UX9CHtDSeYN9fjtCJpiKTeZsM2IayQnDgYElPfEIWd7r23naqngL09AjDKqVsmFbbDRfNx8kmhZFzCbw-wiQpaEFeJzBkYmQjjmWutYon1KgdvjDCFtQerjE3nmTTWOSoFGsUMPMZ0p9fsxB84PUyLjYmMfItBW9mZBcPbjRPnN9DVgEHKjlqfuQgqH5e27iVhRipaNH5eKuUSgosABJSbKNluK-eoypb9KhV5lE2GTXY9ruVdXp4h2VIDbOA-szwHpD3KbqfGjY2JVzPFsnCvzaeCn2qHOAXElVJzLqkjHgejmbv-XarJ73pD2PwLjmqVTSEK2VSvTuE0Sbohgrzjw9K_zydW8MqYn7pi-W7BNO791GQxmszG8394MbP6Tgzr12Jo-tGyXW8GdnGWDDYVKck-5QY9UtHAdu24w8JQgm51Luix3Wnln0E3q0JmioUDlkthiRvQ8ANWJu494_vepp0ruCj0pE3RnideycEiOEmhgrfgJ_sZ9CS2QlAlWuwj_hTJyhtPLZpz7u49zGGon5J7BQetvWUOBbq9d-aMgaO6CkrMLbk8OAVA70IAzC3RwgqZnN1upJ_CiX6kFbBre_VKgNW3Dr6qeN6_7vO2ZpMDRdy9IECkY59-ds59gP41S8_zRJZ8ugRXxbe-4UrECKd9Gwcs9hhQSxN7egei3DbXziN5_RbhIutJwor4OXuNwTytt9T0fq3q3nQInjY1Gi1PvJgkWT9Fuqwd4XSR0fW-J9VTg7ZMdpQpzbcV-d3nWZsWoCx-uycwiFGgTrDpU6Hwdo3Z8QqKtTeKbfNfKSAT4Q1pu0sp6FqnRfHX8NOwVIZ1l78nUjYeTsuE-ALq2YUs0UNvI0UKLNRj38eTLo3pT9P-L6GbCNXgEkIETVKdhvVz_DkvfmY1UIV88gYm3FAZxlHagJR3V9-9BlW8t6ZHL7TD7nWcnoIuf2vpN3WwMGY_wd-gQRrwkSV0SqAX7LE8rAjCxmSEgeDQajKCRXJYvoyEQMV5_KFbAVAQoeP-miM3Hsm6IMVBLWf3VDEVaOiQ9ml9muXkP7D2W-qzuUyUlU9bHTzq9aDcwHM7xbGqmqFPaUZb1R4g7_jor-uRps1O02Eii8ic7ltngP2zJOTcwhy8qjFQewoizMlWJ2T4osZoo0dwchydJt84GJhsOzdKcaHZ44K-HlECvNgcW0U_Zfpy2N4ItZZvSH31j12H356jcd-JEIsLN22y_jVT5IZjtPy5wF6T4Jvd45M3RflATzAxS0X3QxuPMLSEWKnY6TxGVa4ca_U8as5IpID5-6WNviXdJOv9mKLXZHODgk5mlNxswO-v3BaTMWEN&cid=CAQSTQBpAlJWLNiFPOFlN3hqurXRP64bWJnUtl_xSf2XZPm2JnwNUFYD7TZth92BizIUMqYkxkoawAs0grPPm309NuBEr7WArVwdKy6JivEEGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.kooora.com&ds=l&xdt=1&iif=1&cor=5514293255710982000&adk=3526028059&idt=102&cac=0&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6ba2413acd502e6d0f8d42330fed8affcc9fcc32d947c9b06208f303d6419f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37798
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 2EC9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 6AB8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-H9hiA
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.js
eus.rubiconproject.com/ Frame EB50 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 04:13:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48145
Connection
keep-alive
Content-Length
10116
Expires
Fri, 18 Aug 2023 04:11:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7631 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc9Trt8X_9U9rbPFj_8a8omI0p4AaFlnbgKQFRpCiaEOgFtMT2xXL1i_reDwH4jOTYhvYQlMn-hbw_aG_1HBVF2uZP3zZs70Sc-CwxD9gff0qh5F06mhW226O5E5TaxNpzqPCulVVCYZ8XK9tyQ_jZTKy9XsALXIkb5g&sai=AMfl-YQKFhh99Jgvshnlau_aA9OmSfIWI0DB71aBgstlLuT9GTcYSiMmp2LrmZ0yuYxg3wAaLCjDm4SyAeG6Op7ctK669XqkGwZL4Ca14A&sig=Cg0ArKJSzP-XKC1xMKcPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=384&vt=11&dtpt=382&dett=2&cstd=0&cisv=r20230815.29112&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4116365CULTURALPROGRAMMAT/B29932954.369001663;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1027831081;ord=6o31on;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCusEqXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTeAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp9Q6MEgS37mqqJkPsHkJ8b0agb-J1Wcd0NCLx0dfNZ7FEC8TB5IGYlPZ9L3xdsAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdoMEQoLEOCj8aj0weuK6AESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI6NKPm_jjgAMVyxZoCB1Bzg9BEAEYASAAEgL56_D_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE%26sig%3DAOD64_0jbEJ6R0dYwOvZR8NhY6jnMmL49A%26client%3Dca-pub-2608076546629502%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.kooora.com%2F$0;xdt=1;crlt=NvyFBF1QWC;stc=1;chaa=1;sttr=152;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 14:49:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYvToXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTbAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp5Y4EdrnNzKsfhIzKMESUC1ppLUs3EkFHVEr3ObF47LpCNjelJTQabl8esAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN6wDdIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB2gwRCgsQ4KPxqPTB64roARICAQPYEwPQFQGAFwGyFx4KHAgAEhRwdWItODE5NTU4NTQ3MzQ1NjYxNRiavno&sigh=p0etq9MF5NE&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 14:49:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7631 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 14:49:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 594C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYvToXzPeZKinHsutoPMPwZy_iAT1pNCBctmzzYnfEY3LpKaiMhABIJ_fz4EBYP2gmYHoA6AB88WB3wLIAQmpAoRyHvc00qg-4AIAqAMByAMCqgTbAU_QiJhKCKTJ6AA1SLs3wpKwnVy5GeBxvliEL7QQ5FyH5FcYhe5ChpS0dMf0ZB7B1xR2G9zSCHTdAtpNcUlooGoSdYtugEQ_wdVXEhRrSVf-xz-pFXswRamUn2u2jY_rXjR9nWCggtLvnpYvi0SZTkT2XJyrK7_KaL2xvpna0iB5Ll5ilMO6Am-zDlbiA2du4cjdYMxyzhqrRVyqNq7hwS1ShlzSeP5vWVqKC7AVIwQZp5Y4EdrnNzKsfhIzKMESUC1ppLUs3EkFHVEr3ObF47LpCNjelJTQabl8esAEuPSe07EE4AQBoAYRgAf1uf6gAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN6wDdIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB2gwRCgsQ4KPxqPTB64roARICAQPYEwPQFQGAFwGyFx4KHAgAEhRwdWItODE5NTU4NTQ3MzQ1NjYxNRiavno&sigh=p0etq9MF5NE&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWM_rPSNNCt0Y00EKEko5MuLLfZrhg6NvsggqUHRfNsjAulKentvA_qeGjAlJ89mXEX7Nts-XtGAE&cbvp=2&vis=1
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 17 Aug 2023 14:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 414D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 04:13:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48144
Connection
keep-alive
Content-Length
10116
Expires
Fri, 18 Aug 2023 04:11:29 GMT
ecm3
s.amazon-adsystem.com/ Frame EB50
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLFA1NIG-Q-D1JW
  • https://s.amazon-adsystem.com/ecm3?id=LLFA1NIG-Q-D1JW&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LLFA1NIG-Q-D1JW&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DBRQ2RRK9HPEW2FA4YKH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LLFA1NIG-Q-D1JW&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C481 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstomftjlWBrmgFNTECH0_wIBtVTcdguyBAGkb6I_p1gLrYuu6oLNYbSaxaur24QKkQRs9rouS2WjLl9ePpJ0gaQWOQBCDaOys1zL0wi9VDsP7Pjyvah&sig=Cg0ArKJSzN9nf8x0kTedEAE&id=lidar2&mcvt=1002&p=527,149,777,449&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4055398765&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692283743513&rpt=433&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 1E03 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:43 GMT
usersync
usersync.gumgum.com/ Frame 414D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLFA1NIG-Q-D1JW
  • https://usersync.gumgum.com/usersync?b=mag&i=LLFA1NIG-Q-D1JW
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LLFA1NIG-Q-D1JW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LLFA1NIG-Q-D1JW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EC9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7rd9YDPeZMucHMKcoPwP3MG_UAAAAAA4AeAEAg&bg=!IyClIHTNAAZGPLJIZjw7ADkAdvg8WlKNDhbGVardMf8kSSWIiqvrS8ulhFntfI0H7Ja0ihv1xdyYnVyMlDcOs3GsnAcmnTAhSRkCAAAA3VIAAAAHaAEHmQMfw5UvLeSfDVdr_wtm_CRIntEiBB74qeEsNY6qQYhC1tUhFC_L6xvs5L1Gbwya9KpL9eyu1GPVVhtm7y2IsYnxqyill3N-fnXuY_wFiiwZww7vG6t8IjLPFgf5LS6Cv6rzgtvUcPMLq7jr2YNlhS-R_rX41-dRvg0tHWsGzswihTYywhU38LUXAZJy_fHzQBdVr0CrSeqjSGPnvjD06REZWTGWUIPy6_CpVqRlVkUPVBuzPc_mHbuQ3-1POJEdpKq4pfA2St4xFd44TYdznQRjjEcpuc9WcXbYI2jLdISp6_ueRMx6pEMG649w9vHc16goJ5McUKpSL0x1y6trC2wIZIRhl3Vi8XcpkRSwcG5F_COuBuu2JqS6FAfVQWOQsMnp4Get2nqKIqPcAJkcwe-rHdwPLQPREKT3kaqOPMejqAgsnu5bwKtNvaOnWnr3QAvTiCHHEkYtP6To105gi0zkCfdBb9RpHPMw6LNiSeYmnitX7Kx41a14LgL7DAW0_blLr_BzeAIYEa94CO4C_CPeQJkbGeBH1-WTD0At7DD4r9iKK7QySteboKTk9r1dymrk2KiIuVJYkF9dkzUngR4YDwenvXSpwWPv2bB4zxImmVldlZPLWmSxNkrfmNPqBPh7hpyd_2OGQFspIPA_Rh8pbUQXAc5LSFOJj0b-LUHT7JuX1LxavhNkOV5gCVJwwzsHASqaPVhSVyK5sXa7vMMP0fy738zn3Mqbj0_lDhXTKNScSYQNIOlEMXNhEYAYEb5sXh6fNGGigkpdp8imr1WIhta6e1nIkfT4FY0gon5FSq1LlYRjR5zqfn3Fi3bAw8ucqZxBY5UX0XY_ZbblEyQ_TmFrZhvAkGs8iy3zQQ1BzNIlB3CVKM1CwIEFSdY_PmGilWfSX90qfFNyZ8JqktKB9eqHBDkBjq7UYu2RzA5LqMoEfCLz-2C3Yb_1JXJxXONvzacBqmHxCibFlDC5qJc2E4aZmrjM6aL8hFIav-O7Q4fd2C22MDnaCMyNjoiYHEhhpl7S9p-s9KGh0wlOG0zDG46QTB44990oI_nP_xPuGA
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame EB50
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XjiELLVul-LSjNhRhzmuRQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y9hEGHJE2oLo49ANCgNO15EHsySprBEpXWb03A--~A
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y9hEGHJE2oLo49ANCgNO15EHsySprBEpXWb03A--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 17 Aug 2023 14:49:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Y9hEGHJE2oLo49ANCgNO15EHsySprBEpXWb03A--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame EB50
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFA1NIG-Q-D1JW
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFA1NIG-Q-D1JW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:05 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 520D37E883E7466B9941ABA0AB806B21 Ref B: YTO01EDGE0817 Ref C: 2023-08-17T14:49:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDH4OJHJjPQCssHnKyeQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFA1NIG-Q-D1JW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EB50
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame EB50
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExGQTFOSUctUS1EMUpX
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHbkCsY2TMEApAmXuEGfMW4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
pixel
cm.g.doubleclick.net/ Frame EB50
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM0ZWE0N2M0ODUwYmNhZjdiZWEyZmM4N2EyOTM0MjMzN2Y1YTdkNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM0ZWE0N2M0ODUwYmNhZjdiZWEyZmM4N2EyOTM0MjMzN2Y1YTdkNw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM0ZWE0N2M0ODUwYmNhZjdiZWEyZmM4N2EyOTM0MjMzN2Y1YTdkNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame EB50 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZWFQH1W6XTN6R817AM9S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame EB50
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7h8VuIUZSayP63goU_uUGA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7h8VuIUZSayP63goU_uUGA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7h8VuIUZSayP63goU_uUGA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8C4D38SD7R2QF5JF0M4D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7h8VuIUZSayP63goU_uUGA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EB50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM2xzyrYC3O1RAEW1ddawHw&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM2xzyrYC3O1RAEW1ddawHw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM2xzyrYC3O1RAEW1ddawHw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		301 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f93b9f2108b7c08ea2ef4a12bb789c8482a986aced259d46e5e3508134d346e6

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
sodar
pagead2.googlesyndication.com/pagead/ Frame C481 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=736805950079892&bg=!5-Sl5LDNAAZGPLJIZjw7ADkAdvg8WnBrDXioXB8kFdQBd39MLHaABw-H49Q-t3YfWpwgyIE2oP-EPbx3SpOlJ34U-XewMgLdCR8CAAABDFIAAAAHaAEHmQLZdBTV-_cQcMGbd39P87ZUss9gQEXqFfpOizjlfseZpxcGs-p5rlAa5SUhep6nZfMZgYJtDJrY324ahy-ToEMQIFEdnMhfHmB2ByV3B1fGkn0n4OQoDuNoZw6KHFe2DaR0-da-Yt8y6aaD3lK47-v105x4tUkW5Bl10YkG3QDM9DEcp8ZOMI2x5Ostud5xHQfPKo2kSuWXogwV1EYrtjE77DQqoKdhovw4iUp6Z2FUs9h3MskBhLT4uZFJvJKtH18_7Dqj1DD-janpbBAc7NSoMSF6idszVIh6t0_kuA3PYbRKrajm0s_sZvNdQqCS5BXx81KcFBGPg2KcLAaWDGhBiQw8cX8Gkf7XgczisgwDF8Yvts4YR55ZolLEbjkh8FX6LO0vqbDhzpzMuSXLzsYZ_ih4yJS6Swyhz3SoE_tmbDyRVeU80Ck4Mjji8lDlq9qPMtnRfJyFeqpJexz1SHHNDm12D-bz5z_mrFVoWbFXFapgy7khJx6LhffGjdCOFh9Bc0g7hupgt8lKQ8p-0tqbwoF_0yLQtH6PLSDI4bw2Qi7KeQv12dmP8fUHbm5zcvLdWHL6XmrsXlPJu6m5CTTdZmQUuoxhfSKNRBNuBziyL5_6jFxFipusAp6c_GVRlWFAMLL1viim4u9fpjy_AQ5xULcUulU2KoNe-wz--X0LtZls5SAZ32k-fbqUOaZL8eNCxq37wgCfflZCkTnORopjN0Sf05VBq85jrBU-zUa0U85pK5yCqnMNengsshlt6FBmZL0JkJO2huIlTBWgdIcBe48al40DCiiC6DUeZU7vh4FHXjfoTtsjzEfn-T2Z62Tp01t8e0W2stSQoA6wvw0rN-abM_L3ujjDsSLqwYYAksCq9a4Rm7jEzQ07KQIMu1kjedztF7pMalAnZHixszNs62L7RZTV6TbyYUYwp3reptRnoP-hZEJohBslfJv9x08w21Qqfp4zZDIZ
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
it.lngtd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kooora.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:05 GMT
server
Google Frontend
x-cloud-trace-context
1fc6a58555ad40515b1b7f2e3f41be1c
/
it.lngtd.com/ 		43 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.lngtd.com/
Requested by
Host: lngtd.com
URL: https://lngtd.com/kooora_homepage.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
6118597847167dfd90f03ce02ec59e8f0247287b863caeff182b3b6cfceb1eb3

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 14:49:05 GMT
server
Google Frontend
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
d5df4177eb6f8c04fcc2ddc51b365e6d
access-control-allow-headers
Content-Type
content-length
43
json
gum.criteo.com/sid/ Frame 		0
0
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=7.42.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=7.42.0&b=1&g=FsON0wSzGVPrHP%2FBciuTNFPt7yfpewyQgn%2B38fCfRH4%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=7.42.0&b=1&g=FsON0wSzGVPrHP%2FBciuTNFPt7yfpewyQgn%2B38fCfRH4%3D
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:06 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 17 Aug 2023 14:49:06 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.kooora.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a000034LE2vAAG&gdpr=0&src=pbjs&ver=7.42.0&b=1&g=FsON0wSzGVPrHP%2FBciuTNFPt7yfpewyQgn%2B38fCfRH4%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ 		0
0
prebid
id5-sync.com/api/config/ 		0
0
id
id.crwdcntrl.net/ 		75 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.30.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-30-187.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
699cf7a35cee825c50bcca1df27f97d84fea287c927297d9a11f6384d2eb9eed

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.kooora.com
cache-control
no-cache
x-server
10.40.44.13
access-control-allow-credentials
true
content-length
75
expires
0
rid
match.adsrvr.org/track/ 		108 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=wq4ba1k&fmt=json
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
53ae1c69ff2011837d0aeda6a2393bcbb682601f32f17e72b9824cb53fb6491f

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:06 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kooora.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 16 Sep 2023 14:49:06 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6694 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=79189
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 14:49:09 GMT
expires
Fri, 18 Aug 2023 12:48:58 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 79EB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
29664
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 17 Aug 2023 14:49:06 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
178, 52262
X-Served-By
cache-lga13626-LGA, cache-yyz4533-YYZ
X-Timer
S1692283747.719978,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 1A9D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
397
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f82b8da9a7439fb-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 14:49:09 GMT
expires
Thu, 17 Aug 2023 18:49:09 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 49D8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: p.lngtdv.com
URL: https://p.lngtdv.com/prebid/prebid7.42.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.kooora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 14:49:06 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=8a981ae1-e2ed-4cc0-84f3-f492f49cfff1&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=8a981ae1-e2ed-4cc0-84f3-f492f49cfff1&ssp=themediagrid
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=59&user_id=8a981ae1-e2ed-4cc0-84f3-f492f49cfff1&ssp=themediagrid
Date
Thu, 17 Aug 2023 14:49:06 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 49D8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 04:13:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48143
Connection
keep-alive
Content-Length
10116
Expires
Fri, 18 Aug 2023 04:11:29 GMT
9.gif
id5-sync.com/c/845/108/0/
Redirect Chain
  • https://id5-sync.com/i/845/8.gif?id5id=ID5*zt5ZuNbXlh_9WIUNhTVVf_Uw8nMWEjWsqQvCyOZSJbZb3YTKJJ6VkjuB-10_60bdW97C8zZXux3zt5jYlZsTBg&o=api&gdpr_consent=undefined&gdpr=false
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/845/441/7/2.gif?puid=u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F429%2F6%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F429%2F6%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1
  • https://id5-sync.com/c/845/429/6/3.gif?puid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=847b7d9c-55d6-42cc-9691-075eba001ca9&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/845/434/4/5.gif?puid=e6f51fad-975e-4d8d-bc42-ff3ca190bcca&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/845/112/3/6.gif?puid=BF150BEED929E14&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-96bbIT-txQqwvtdy3W6lAtjJqeH6DnZe4_kSEboebA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/845/3/2/7.gif?puid=9d3664de-3365-4600-8ec4-eb3d8ed9252e&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/845/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/845/2/1/8.gif?puid=8694686486495607686&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F845%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/845/108/0/9.gif?puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/845/108/0/9.gif?puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4&gdpr=0&gdpr_consent=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
HTTP/1.1
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.kooora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 17 Aug 2023 14:49:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Thu, 17 Aug 2023 14:49:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://id5-sync.com/c/845/108/0/9.gif?puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
async_usersync
ib.adnxs.com/ Frame 79EB 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:06 GMT
an-x-request-uuid
a748c3f7-9f5e-4067-afb4-526e453602e3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1067
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjVs5LyATAB&v=APEucNWQQMKkdWeyz2ITZDH_qjue_22EXGj3r9Z3UW9bJc2hGEjjt9TQEhbqDTZa-1fENOpX0F62_O-5JDsDEmwzEDUOdE2giA
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIgDT0fRYkrsdeWdGbHk%2B%2FEJw98Kssf86FdR3wLi1ztHtTVKxIWDkWOJSvD0LeCMAOXAr8dZ7j3Lim07VEyy0MFR9GULCSG3WgMhgFzoZf2lFKaLxKY%2FX%2FPpecg0X65aE8JgAp%2BY6W1bAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8cc0c25a1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1067
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN4zX8l3BI2lD4f.iBTJdgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjVs5LyATAB&v=APEucNWQQMKkdWeyz2ITZDH_qjue_22EXGj3r9Z3UW9bJc2hGEjjt9TQEhbqDTZa-1fENOpX0F62_O-5JDsDEmwzEDUOdE2giA
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDHatq6%2FM0YDo5hJN5CE9JylAhAORas9ZuxgiyyBX0Xv7XhGb19xX%2FM%2Bq1JzV6ejdztwMM2pBt9ee2i94KXLm2cBaq9Mv%2B971unXSlBuI95NVf8XKgmKj%2BJReEAl2sZwBgpwB%2BG4gkxoOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8cc7ca7a1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnkOU7dxj9ON_KroV9ficI&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1067
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAdLhSxz2CrATyxYO0_g3dY&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdLhSxz2CrATyxYO0_g3dY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjVs5LyATAB&v=APEucNWQQMKkdWeyz2ITZDH_qjue_22EXGj3r9Z3UW9bJc2hGEjjt9TQEhbqDTZa-1fENOpX0F62_O-5JDsDEmwzEDUOdE2giA
Protocol
H2
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
an-x-request-uuid
08e32ab0-88d4-4b07-a04c-f66afc7dbc3e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdLhSxz2CrATyxYO0_g3dY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1067
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY5NDY4NjQ4NjQ5NTYwNzY4Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY5NDY4NjQ4NjQ5NTYwNzY4Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjVs5LyATAB&v=APEucNWQQMKkdWeyz2ITZDH_qjue_22EXGj3r9Z3UW9bJc2hGEjjt9TQEhbqDTZa-1fENOpX0F62_O-5JDsDEmwzEDUOdE2giA
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
an-x-request-uuid
d67cfe42-2ed6-4222-b8d0-dc2652f45b0c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY5NDY4NjQ4NjQ5NTYwNzY4Ng%3D%3D
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7E0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENLNDyYT-wKeAJivskLl19Y&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENLNDyYT-wKeAJivskLl19Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjvspLyATAB&v=APEucNW-Cv3XoYwJXLVgWx5r0ol0jWkWOCy-9XCknvz8Pdtg64xrYKbu9QTL45mxgr_zpTq4WwRzz_YNRDqDtSUzJnqtAyK73w
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENLNDyYT-wKeAJivskLl19Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E0F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM3ZmJiOWMtZTllMi0yMGYyLWZiNzctZTY2OTNmYjdjMWQ1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM3ZmJiOWMtZTllMi0yMGYyLWZiNzctZTY2OTNmYjdjMWQ1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjvspLyATAB&v=APEucNW-Cv3XoYwJXLVgWx5r0ol0jWkWOCy-9XCknvz8Pdtg64xrYKbu9QTL45mxgr_zpTq4WwRzz_YNRDqDtSUzJnqtAyK73w
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM3ZmJiOWMtZTllMi0yMGYyLWZiNzctZTY2OTNmYjdjMWQ1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 7E0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBZHSQg7UwXmF1pSS8I9H4Q&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBZHSQg7UwXmF1pSS8I9H4Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjvspLyATAB&v=APEucNW-Cv3XoYwJXLVgWx5r0ol0jWkWOCy-9XCknvz8Pdtg64xrYKbu9QTL45mxgr_zpTq4WwRzz_YNRDqDtSUzJnqtAyK73w
Protocol
H2
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Thu, 17 Aug 2023 14:49:07 GMT
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBZHSQg7UwXmF1pSS8I9H4Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E0F
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGQyZjdiY2EtYmIyOS00ODVmLWJjYzYtZTk3OTBiMmJlODY1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGQyZjdiY2EtYmIyOS00ODVmLWJjYzYtZTk3OTBiMmJlODY1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2uMBDHmJWdBBjvspLyATAB&v=APEucNW-Cv3XoYwJXLVgWx5r0ol0jWkWOCy-9XCknvz8Pdtg64xrYKbu9QTL45mxgr_zpTq4WwRzz_YNRDqDtSUzJnqtAyK73w
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGQyZjdiY2EtYmIyOS00ODVmLWJjYzYtZTk3OTBiMmJlODY1
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 17 Aug 2023 14:49:07 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 720E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Origin
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 11:07:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 720E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
59456
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:18:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 720E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
59070
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:24:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 720E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 15:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
84415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 15:22:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0360 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
32048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 05:54:59 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 05:54:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 720E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dbc22ac0742e93135812f6f14725658ac038f2d4783d374efb308e457786bf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 49C9 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
Origin
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 11:07:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 49C9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cae_-gRp76UYSfxA1l2BFsj667AGiYWpbyJZhaYwGJw6lVpBQYv60QysyUSkDOBbwe43lIZClxSHjjAFa6iF4SE-y7JQ&cry=1&dbm_d=AKAmf-ABrULeeMeNG6VioES4EZ2iFNwMd0AXXcYNVh4RJ3b9t-wCgGYVmDRsP_M1hF9nRtaTM9gJabKBd72afiQKSm0hJm_VKNdDc0NpxQKpwFscKs1ObBars8o9UKTIxrlP3XomAvWk0J37oYA3ugW-NEZ2qaXLknDHIkPeUSWlGf-IzHTIw-7uWeYCU1uMzjrDBeIQ-au3EAYxzzJMkjBK8F_Gt0-ABEZVIO9WZKdeS0g6lzloALMNW2i0tLAVkXgW4iCa6Fkz6mWNKyNrdPQyiGjLQbiUHHIz1q725_K5dmZ4N5SUhDCdIpp-W-MfAtaxtf8_YmgNKViw6aLYza9iDwtoRNd2o8LOwsJYHGlhhzhzOk_gqKu03fIeIHSzpoqDg4IAsZeGPK5PdsGbcEN_ylIqfLltnSfZyZng2E8HwWz9vlnoD6bw9UORMEqqGNW91yA5g2g9JByYp1tocf4yOE2Xke93YGmSiz4dl_JSUfZcsru4JrxsOtTzWGp6xKK9seO7JI4eGR3PhQUINhPw62Mb2fgxPMluMYtIh23EbdT7iZGRje3fESrNH6DljE0H7YFyB8fJ781Rz7KdFjzuuruMspc7JGex24OAA-uBmnjHqDCm7tz7gkXmS7bEB306mrKhP9MpsFfIM-g-UA3QvCXnHNrAdn7el79WN-a-zqzzSXIss9J-Stn8K6z9W7Dm39YawbhlMLdpL3VDzHq6DVPCdcu_UNy_CNThmb_BPO0GcjPDJJWfYvwlHz4hOI01IQAV6UxxQ87v7ZuazmianXkX249tTbusE2CZqW7FX0ySQgzeelCR5ltG5nkT-13Lg_uCD1RfHmch_v-pbHvRNtzfNFMZ_qSd19QqHFkPpucL0GuX577jpbIcvZJwxcB1_4U2gepHSBAdjpLeLNzPsmLtB5QaavSTgksqn0B-KY_TAuOPb1F3XQCe9pI5Rt7n6tNvJ6APXlqeYQVWNotg7ia-Rjv82DlZv-7Hruy5JQw6HZnoRXSj165CMp9IdMaaXL4FPYQVBAnu069nB4R8bWizgQysf2uMiao9pIfItz1qM2CtdWYDgYLufMeMxOryrsT4DyOYRjVUEsmeFNrh1oFBJ1G3hpc58FXJ0qOyrwuRhZ-i8-fZewoVnjUTBDgfxd8Mc6niAG4U76FFWdZJfVT6AWv4mxT3A73hw-Xq4cYqzx54mXJDKpdjWCzxotaER4BbUGF3e4tks2qRdY42eb7nEFXKly1G2BJJ2XUjFYK38X83bauNHvV4TsAs03ACEsz0z-Qgtu9tZq5ERZbGxwO3BGk-WMFbgyijzm06HKcWUqZvRRwQhkzKiiwG9lkLabmDc38pkMSVRWxH_OVSRS72-0stHcuTqzgLkebll_YoxZvbLLZiBJdTo42eOgT29X0UpVYjYecULnoL0m1aPvWEs9CVVRuMr6x9Thv_FZ11GQL7YGjp6EHfFv_dzmVi40FvPX0SHE4ilcbIuCm6C4ZalsJAIefYZkwYX-ZIH7iChWpLHHi3iS7PLVIRwlA9SFeMkp4wAk6JKcb0vkavd69M6uz_NLWtCaYgBe8v_jTg1irtwjuYbGf7dgRIykDLY3vt6I0N7EWWmFkGfi4iji4lsPPmA8XajBtWIi0Inp0vXX1tiJ7y8Nu73FMtNepI_xAx_xBslPI_-OlDbquAOSmICme3jAGlGp-diUaZcKDteCMmV0bifWNbI9Wgw5wINo0PGeJ2T_xcBhRMmocJgivBjTSq8TMRpP1Rl9wETgcHwqbXh56WbD0YwnI0qFXWboXG96nKz1I6Md6rjtgD9zpXj8Ekgo8fjPcs8gtJEiGKej9CC134u9VmGJyLxANAJ-XVztVpbZSGzSmp8iC4Oka4sgFH3Q1AnENBfAUQ2WbqBpfLJtJg-MaLx2PXk4TetNwRI26gC6fgE5bEeEFZoO5vhECSIHkBIyjognhW6eWTP4dJ2PT2K-kO7Pmg4YkQxdmj_xFZEmrPzgLTGmx5hsosyEtxFH_hB_Se_D3wI8tpMRTZp72ARFcnqD2L2BD_U9ftAXOFN5fH-qh3hRqps8hyqOtfafKntkowb7j1Y9oLAnEkmvkcGz97BqXe088tfJjtpN0CJFKTZZmLGiulAy04UnJPZc357xvpzGtWOkzdEZT81EFOEVv44sYqW5freIpi9LQKvl4j59P2RcPWCTpHk22M8KQzQxMHm8YzrGtgKKjwXT0C2jP-SNccA3u4lfKi3kkiuNXXkwxey1uaFFKGTyDJxj-ze_kKM_a3lYbnOJ-HL_N0eHTh3P_jQUW0WurDudzzgouw5IsP6JhMMSc_t9RcMhk0m26fn5vikxvmcAkWqeXvDiyxW4YvGGgsCDCglIlbDPB5TAlx3m3BCG_wOetRuFk6UZXERe_iC52WfYc70q1EsdYjAPyPi7AAHGUKxl1mPuogY5lSYHn3WDyW4IH_ProVL8UMeDThG6A0Q0HpyhLd13acp-XthECJ7o-bVQ-juifeYrz5e8Rs_-y9-S5YE_bOxgJWBGtai3N1KfWLFw8TCF94cQHPHv4DrmCUX019XiokgkZTT4JlsIalpYFvxD-_nACuvY3z_YMSq1eXAI-KG-8Uw-9UNCl8xVgsJdDSA_pSK44iV4IImTLnDJH_k0UBlD7f5iSmoDq5XrdebN0DNvArHKWHC2PGkQU1GiUIgynTEM6QaJOtriL-b1Q7B-cvoRwVC3Wn2_unqbDpmPNBJ4bvWH5QvFMjZC3yd-zj75UX9CHtDSeYN9fjtCJpiKTeZsM2IayQnDgYElPfEIWd7r23naqngL09AjDKqVsmFbbDRfNx8kmhZFzCbw-wiQpaEFeJzBkYmQjjmWutYon1KgdvjDCFtQerjE3nmTTWOSoFGsUMPMZ0p9fsxB84PUyLjYmMfItBW9mZBcPbjRPnN9DVgEHKjlqfuQgqH5e27iVhRipaNH5eKuUSgosABJSbKNluK-eoypb9KhV5lE2GTXY9ruVdXp4h2VIDbOA-szwHpD3KbqfGjY2JVzPFsnCvzaeCn2qHOAXElVJzLqkjHgejmbv-XarJ73pD2PwLjmqVTSEK2VSvTuE0Sbohgrzjw9K_zydW8MqYn7pi-W7BNO791GQxmszG8394MbP6Tgzr12Jo-tGyXW8GdnGWDDYVKck-5QY9UtHAdu24w8JQgm51Luix3Wnln0E3q0JmioUDlkthiRvQ8ANWJu494_vepp0ruCj0pE3RnideycEiOEmhgrfgJ_sZ9CS2QlAlWuwj_hTJyhtPLZpz7u49zGGon5J7BQetvWUOBbq9d-aMgaO6CkrMLbk8OAVA70IAzC3RwgqZnN1upJ_CiX6kFbBre_VKgNW3Dr6qeN6_7vO2ZpMDRdy9IECkY59-ds59gP41S8_zRJZ8ugRXxbe-4UrECKd9Gwcs9hhQSxN7egei3DbXziN5_RbhIutJwor4OXuNwTytt9T0fq3q3nQInjY1Gi1PvJgkWT9Fuqwd4XSR0fW-J9VTg7ZMdpQpzbcV-d3nWZsWoCx-uycwiFGgTrDpU6Hwdo3Z8QqKtTeKbfNfKSAT4Q1pu0sp6FqnRfHX8NOwVIZ1l78nUjYeTsuE-ALq2YUs0UNvI0UKLNRj38eTLo3pT9P-L6GbCNXgEkIETVKdhvVz_DkvfmY1UIV88gYm3FAZxlHagJR3V9-9BlW8t6ZHL7TD7nWcnoIuf2vpN3WwMGY_wd-gQRrwkSV0SqAX7LE8rAjCxmSEgeDQajKCRXJYvoyEQMV5_KFbAVAQoeP-miM3Hsm6IMVBLWf3VDEVaOiQ9ml9muXkP7D2W-qzuUyUlU9bHTzq9aDcwHM7xbGqmqFPaUZb1R4g7_jor-uRps1O02Eii8ic7ltngP2zJOTcwhy8qjFQewoizMlWJ2T4osZoo0dwchydJt84GJhsOzdKcaHZ44K-HlECvNgcW0U_Zfpy2N4ItZZvSH31j12H356jcd-JEIsLN22y_jVT5IZjtPy5wF6T4Jvd45M3RflATzAxS0X3QxuPMLSEWKnY6TxGVa4ca_U8as5IpID5-6WNviXdJOv9mKLXZHODgk5mlNxswO-v3BaTMWEN&cid=CAQSTQBpAlJWLNiFPOFlN3hqurXRP64bWJnUtl_xSf2XZPm2JnwNUFYD7TZth92BizIUMqYkxkoawAs0grPPm309NuBEr7WArVwdKy6JivEEGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.kooora.com&ds=l&xdt=1&iif=1&cor=5514293255710982000&adk=3526028059&idt=102&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
59456
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:18:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 49C9 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cae_-gRp76UYSfxA1l2BFsj667AGiYWpbyJZhaYwGJw6lVpBQYv60QysyUSkDOBbwe43lIZClxSHjjAFa6iF4SE-y7JQ&cry=1&dbm_d=AKAmf-ABrULeeMeNG6VioES4EZ2iFNwMd0AXXcYNVh4RJ3b9t-wCgGYVmDRsP_M1hF9nRtaTM9gJabKBd72afiQKSm0hJm_VKNdDc0NpxQKpwFscKs1ObBars8o9UKTIxrlP3XomAvWk0J37oYA3ugW-NEZ2qaXLknDHIkPeUSWlGf-IzHTIw-7uWeYCU1uMzjrDBeIQ-au3EAYxzzJMkjBK8F_Gt0-ABEZVIO9WZKdeS0g6lzloALMNW2i0tLAVkXgW4iCa6Fkz6mWNKyNrdPQyiGjLQbiUHHIz1q725_K5dmZ4N5SUhDCdIpp-W-MfAtaxtf8_YmgNKViw6aLYza9iDwtoRNd2o8LOwsJYHGlhhzhzOk_gqKu03fIeIHSzpoqDg4IAsZeGPK5PdsGbcEN_ylIqfLltnSfZyZng2E8HwWz9vlnoD6bw9UORMEqqGNW91yA5g2g9JByYp1tocf4yOE2Xke93YGmSiz4dl_JSUfZcsru4JrxsOtTzWGp6xKK9seO7JI4eGR3PhQUINhPw62Mb2fgxPMluMYtIh23EbdT7iZGRje3fESrNH6DljE0H7YFyB8fJ781Rz7KdFjzuuruMspc7JGex24OAA-uBmnjHqDCm7tz7gkXmS7bEB306mrKhP9MpsFfIM-g-UA3QvCXnHNrAdn7el79WN-a-zqzzSXIss9J-Stn8K6z9W7Dm39YawbhlMLdpL3VDzHq6DVPCdcu_UNy_CNThmb_BPO0GcjPDJJWfYvwlHz4hOI01IQAV6UxxQ87v7ZuazmianXkX249tTbusE2CZqW7FX0ySQgzeelCR5ltG5nkT-13Lg_uCD1RfHmch_v-pbHvRNtzfNFMZ_qSd19QqHFkPpucL0GuX577jpbIcvZJwxcB1_4U2gepHSBAdjpLeLNzPsmLtB5QaavSTgksqn0B-KY_TAuOPb1F3XQCe9pI5Rt7n6tNvJ6APXlqeYQVWNotg7ia-Rjv82DlZv-7Hruy5JQw6HZnoRXSj165CMp9IdMaaXL4FPYQVBAnu069nB4R8bWizgQysf2uMiao9pIfItz1qM2CtdWYDgYLufMeMxOryrsT4DyOYRjVUEsmeFNrh1oFBJ1G3hpc58FXJ0qOyrwuRhZ-i8-fZewoVnjUTBDgfxd8Mc6niAG4U76FFWdZJfVT6AWv4mxT3A73hw-Xq4cYqzx54mXJDKpdjWCzxotaER4BbUGF3e4tks2qRdY42eb7nEFXKly1G2BJJ2XUjFYK38X83bauNHvV4TsAs03ACEsz0z-Qgtu9tZq5ERZbGxwO3BGk-WMFbgyijzm06HKcWUqZvRRwQhkzKiiwG9lkLabmDc38pkMSVRWxH_OVSRS72-0stHcuTqzgLkebll_YoxZvbLLZiBJdTo42eOgT29X0UpVYjYecULnoL0m1aPvWEs9CVVRuMr6x9Thv_FZ11GQL7YGjp6EHfFv_dzmVi40FvPX0SHE4ilcbIuCm6C4ZalsJAIefYZkwYX-ZIH7iChWpLHHi3iS7PLVIRwlA9SFeMkp4wAk6JKcb0vkavd69M6uz_NLWtCaYgBe8v_jTg1irtwjuYbGf7dgRIykDLY3vt6I0N7EWWmFkGfi4iji4lsPPmA8XajBtWIi0Inp0vXX1tiJ7y8Nu73FMtNepI_xAx_xBslPI_-OlDbquAOSmICme3jAGlGp-diUaZcKDteCMmV0bifWNbI9Wgw5wINo0PGeJ2T_xcBhRMmocJgivBjTSq8TMRpP1Rl9wETgcHwqbXh56WbD0YwnI0qFXWboXG96nKz1I6Md6rjtgD9zpXj8Ekgo8fjPcs8gtJEiGKej9CC134u9VmGJyLxANAJ-XVztVpbZSGzSmp8iC4Oka4sgFH3Q1AnENBfAUQ2WbqBpfLJtJg-MaLx2PXk4TetNwRI26gC6fgE5bEeEFZoO5vhECSIHkBIyjognhW6eWTP4dJ2PT2K-kO7Pmg4YkQxdmj_xFZEmrPzgLTGmx5hsosyEtxFH_hB_Se_D3wI8tpMRTZp72ARFcnqD2L2BD_U9ftAXOFN5fH-qh3hRqps8hyqOtfafKntkowb7j1Y9oLAnEkmvkcGz97BqXe088tfJjtpN0CJFKTZZmLGiulAy04UnJPZc357xvpzGtWOkzdEZT81EFOEVv44sYqW5freIpi9LQKvl4j59P2RcPWCTpHk22M8KQzQxMHm8YzrGtgKKjwXT0C2jP-SNccA3u4lfKi3kkiuNXXkwxey1uaFFKGTyDJxj-ze_kKM_a3lYbnOJ-HL_N0eHTh3P_jQUW0WurDudzzgouw5IsP6JhMMSc_t9RcMhk0m26fn5vikxvmcAkWqeXvDiyxW4YvGGgsCDCglIlbDPB5TAlx3m3BCG_wOetRuFk6UZXERe_iC52WfYc70q1EsdYjAPyPi7AAHGUKxl1mPuogY5lSYHn3WDyW4IH_ProVL8UMeDThG6A0Q0HpyhLd13acp-XthECJ7o-bVQ-juifeYrz5e8Rs_-y9-S5YE_bOxgJWBGtai3N1KfWLFw8TCF94cQHPHv4DrmCUX019XiokgkZTT4JlsIalpYFvxD-_nACuvY3z_YMSq1eXAI-KG-8Uw-9UNCl8xVgsJdDSA_pSK44iV4IImTLnDJH_k0UBlD7f5iSmoDq5XrdebN0DNvArHKWHC2PGkQU1GiUIgynTEM6QaJOtriL-b1Q7B-cvoRwVC3Wn2_unqbDpmPNBJ4bvWH5QvFMjZC3yd-zj75UX9CHtDSeYN9fjtCJpiKTeZsM2IayQnDgYElPfEIWd7r23naqngL09AjDKqVsmFbbDRfNx8kmhZFzCbw-wiQpaEFeJzBkYmQjjmWutYon1KgdvjDCFtQerjE3nmTTWOSoFGsUMPMZ0p9fsxB84PUyLjYmMfItBW9mZBcPbjRPnN9DVgEHKjlqfuQgqH5e27iVhRipaNH5eKuUSgosABJSbKNluK-eoypb9KhV5lE2GTXY9ruVdXp4h2VIDbOA-szwHpD3KbqfGjY2JVzPFsnCvzaeCn2qHOAXElVJzLqkjHgejmbv-XarJ73pD2PwLjmqVTSEK2VSvTuE0Sbohgrzjw9K_zydW8MqYn7pi-W7BNO791GQxmszG8394MbP6Tgzr12Jo-tGyXW8GdnGWDDYVKck-5QY9UtHAdu24w8JQgm51Luix3Wnln0E3q0JmioUDlkthiRvQ8ANWJu494_vepp0ruCj0pE3RnideycEiOEmhgrfgJ_sZ9CS2QlAlWuwj_hTJyhtPLZpz7u49zGGon5J7BQetvWUOBbq9d-aMgaO6CkrMLbk8OAVA70IAzC3RwgqZnN1upJ_CiX6kFbBre_VKgNW3Dr6qeN6_7vO2ZpMDRdy9IECkY59-ds59gP41S8_zRJZ8ugRXxbe-4UrECKd9Gwcs9hhQSxN7egei3DbXziN5_RbhIutJwor4OXuNwTytt9T0fq3q3nQInjY1Gi1PvJgkWT9Fuqwd4XSR0fW-J9VTg7ZMdpQpzbcV-d3nWZsWoCx-uycwiFGgTrDpU6Hwdo3Z8QqKtTeKbfNfKSAT4Q1pu0sp6FqnRfHX8NOwVIZ1l78nUjYeTsuE-ALq2YUs0UNvI0UKLNRj38eTLo3pT9P-L6GbCNXgEkIETVKdhvVz_DkvfmY1UIV88gYm3FAZxlHagJR3V9-9BlW8t6ZHL7TD7nWcnoIuf2vpN3WwMGY_wd-gQRrwkSV0SqAX7LE8rAjCxmSEgeDQajKCRXJYvoyEQMV5_KFbAVAQoeP-miM3Hsm6IMVBLWf3VDEVaOiQ9ml9muXkP7D2W-qzuUyUlU9bHTzq9aDcwHM7xbGqmqFPaUZb1R4g7_jor-uRps1O02Eii8ic7ltngP2zJOTcwhy8qjFQewoizMlWJ2T4osZoo0dwchydJt84GJhsOzdKcaHZ44K-HlECvNgcW0U_Zfpy2N4ItZZvSH31j12H356jcd-JEIsLN22y_jVT5IZjtPy5wF6T4Jvd45M3RflATzAxS0X3QxuPMLSEWKnY6TxGVa4ca_U8as5IpID5-6WNviXdJOv9mKLXZHODgk5mlNxswO-v3BaTMWEN&cid=CAQSTQBpAlJWLNiFPOFlN3hqurXRP64bWJnUtl_xSf2XZPm2JnwNUFYD7TZth92BizIUMqYkxkoawAs0grPPm309NuBEr7WArVwdKy6JivEEGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.kooora.com&ds=l&xdt=1&iif=1&cor=5514293255710982000&adk=3526028059&idt=102&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
59070
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:24:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 49C9 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 15:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
84415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 15:22:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B8F0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
32048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 05:54:59 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 05:54:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 49C9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
924916d8ff5522aba66bf00152f1b3d9c0f6d40eeef72a4d127fee9d20e4fde4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 09A3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
132745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 01:56:42 GMT
expires
Thu, 15 Aug 2024 01:56:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0360
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJyaP0rV2M68MoaASQDbGlk&google_push=AXcoOmS-9F0BHQJLFCSASD95D92BuSWWmEfynqtczaMRpTfoLrukjSYGMN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJyaP0rV2M68MoaASQDbGlk&google_push=AXcoOmS-9F0BHQJLFCSASD95D92BuSWWmEfynqtczaMRpTfoLrukjSYGMNb678t6cdHq9XvEBI0eH_A5XlimOKX-E-ROrw1jopE
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4521-YYZ
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1692283747.368111,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJyaP0rV2M68MoaASQDbGlk&google_push=AXcoOmS-9F0BHQJLFCSASD95D92BuSWWmEfynqtczaMRpTfoLrukjSYGMNb678t6cdHq9XvEBI0eH_A5XlimOKX-E-ROrw1jopE
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0360
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHbkCsY2TMEApAmXuEGfMW4&google_cver=1&google_push=AXcoOmToukJAG-EKJeGlGAl79h2RHOFOKPv3_Ub48770oshvjXPhlY1TktDkZslQCse2ksBwf23...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=AXcoOmToukJAG-EKJeGlGAl79h2RHOFOKPv3_Ub48770oshvjXPhlY1TktDkZslQCse2ksBwf23w-Cc6PeKK5qV5MIDz7KNlkD0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=AXcoOmToukJAG-EKJeGlGAl79h2RHOFOKPv3_Ub48770oshvjXPhlY1TktDkZslQCse2ksBwf23w-Cc6PeKK5qV5MIDz7KNlkD0
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGQTFOSUctUS1EMUpX&google_push=AXcoOmToukJAG-EKJeGlGAl79h2RHOFOKPv3_Ub48770oshvjXPhlY1TktDkZslQCse2ksBwf23w-Cc6PeKK5qV5MIDz7KNlkD0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0360
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEzLCt94mvfJvHmDCmKEhqk&google_cver=1&google_push=AXcoOmQBa-oqnzwny3q5zqeNPwncN69cJ7fNcvDk02hSxsNqCeMbhE94bVb-tlce9RGHpiA8Tz6TRRCUi0z69ok1ic...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDYzNTA3MTQxOTU2Nzk0MjQ&google_push=AXcoOmQBa-oqnzwny3q5zqeNPwncN69cJ7fNcvDk02hSxsNqCeMbhE94bVb-tlce9RGHpiA8Tz6TRRCUi0z69ok1icsf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDYzNTA3MTQxOTU2Nzk0MjQ&google_push=AXcoOmQBa-oqnzwny3q5zqeNPwncN69cJ7fNcvDk02hSxsNqCeMbhE94bVb-tlce9RGHpiA8Tz6TRRCUi0z69ok1icsfNAt3RTIG
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDYzNTA3MTQxOTU2Nzk0MjQ&google_push=AXcoOmQBa-oqnzwny3q5zqeNPwncN69cJ7fNcvDk02hSxsNqCeMbhE94bVb-tlce9RGHpiA8Tz6TRRCUi0z69ok1icsfNAt3RTIG
Date
Thu, 17 Aug 2023 14:49:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0360
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIPAmCXTsDFhRtbA3TdvXv4&google_cver=1&google_push=AXcoOmTV7XyfmmL2pTGbMAETljGqu0TgwIr4pfjCaNiKst4c8Ok4upIQchMi5EXWJ7rw5MQaVIz2c4qdOAa2aDEGdqR_Mvub3wI
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTV7XyfmmL2pTGbMAETljGqu0TgwIr4pfjCaNiKst4c8Ok4upIQchMi5EXWJ7rw5MQaVIz2c4qdOAa2aDEGdqR_Mvub3wI&google_hm=M21NTFVwcGpqTHA4V2Nob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTV7XyfmmL2pTGbMAETljGqu0TgwIr4pfjCaNiKst4c8Ok4upIQchMi5EXWJ7rw5MQaVIz2c4qdOAa2aDEGdqR_Mvub3wI&google_hm=M21NTFVwcGpqTHA4V2NobXRSVzI=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTV7XyfmmL2pTGbMAETljGqu0TgwIr4pfjCaNiKst4c8Ok4upIQchMi5EXWJ7rw5MQaVIz2c4qdOAa2aDEGdqR_Mvub3wI&google_hm=M21NTFVwcGpqTHA4V2NobXRSVzI=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0360
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEt0Nbysx9aOEQ98eznrZ_I&google_cver=1&google_push=AXcoOmQGBJSaKrc9fa3SE3CcpW--eyH_mcv04o5t1CGp1z2fdx2es_mvSxkMnMd3E0jtfUUVaEppp_9fG9V42EJGncF4he...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZAqwjfCoTUyg1W57Vs5VGg&google_push=AXcoOmQGBJSaKrc9fa3SE3CcpW--eyH_mcv04o5t1CGp1z2fdx2es_mvSxkMnMd3E0jtfUUVaEppp_9fG9V42EJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZAqwjfCoTUyg1W57Vs5VGg&google_push=AXcoOmQGBJSaKrc9fa3SE3CcpW--eyH_mcv04o5t1CGp1z2fdx2es_mvSxkMnMd3E0jtfUUVaEppp_9fG9V42EJGncF4heBXOKAg
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZAqwjfCoTUyg1W57Vs5VGg&google_push=AXcoOmQGBJSaKrc9fa3SE3CcpW--eyH_mcv04o5t1CGp1z2fdx2es_mvSxkMnMd3E0jtfUUVaEppp_9fG9V42EJGncF4heBXOKAg
access-control-allow-origin
*
date
Thu, 17 Aug 2023 14:49:07 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 0360
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENJZI6bkj5XqmgXU7Xgmr_A&google_cver=1&google_push=AXcoOmQdsqfSacOaB0-TrXB2ia2utqkpQAT3nXsyY0-3EGDY1jvNwooKD...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQdsqfSacOaB0-TrXB2ia2utqkpQAT3nXsyY0-3EGDY1jvNwooKDbK6xdnuNpvNF9kjaaBuAJZM8e6eHU_W7kHcIjjXA6qy7A&google_hm=QlMuNThlMy1kNjA5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQdsqfSacOaB0-TrXB2ia2utqkpQAT3nXsyY0-3EGDY1jvNwooKDbK6xdnuNpvNF9kjaaBuAJZM8e6eHU_W7kHcIjjXA6qy7A&google_hm=QlMuNThlMy1kNjA5LTQwZWQtODE3MA==
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQdsqfSacOaB0-TrXB2ia2utqkpQAT3nXsyY0-3EGDY1jvNwooKDbK6xdnuNpvNF9kjaaBuAJZM8e6eHU_W7kHcIjjXA6qy7A&google_hm=QlMuNThlMy1kNjA5LTQwZWQtODE3MA==
Date
Thu, 17 Aug 2023 14:49:10 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 0360
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBLRZtDoQ5rmOD2Sil2g8_o&google_cver=1&google_push=AXcoOmRQHcsPH0q2hW7z8L10CejKlcfVMRRucmrBNz_vbAaioOYgRv2znV4EaDC814KBF-qeh1...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcUViSHdsRTJ1RXFVRm9ma1htN0FCSU1oZUo2X1lRYX5B&google_push=AXcoOmRQHcsPH0q2hW7z8L10CejKlcfVMRRucmrBNz_vbAaioOYgRv2zn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcUViSHdsRTJ1RXFVRm9ma1htN0FCSU1oZUo2X1lRYX5B&google_push=AXcoOmRQHcsPH0q2hW7z8L10CejKlcfVMRRucmrBNz_vbAaioOYgRv2znV4EaDC814KBF-qeh1W1r7XskGYWw4VVHZAmUeFAwkdg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcUViSHdsRTJ1RXFVRm9ma1htN0FCSU1oZUo2X1lRYX5B&google_push=AXcoOmRQHcsPH0q2hW7z8L10CejKlcfVMRRucmrBNz_vbAaioOYgRv2znV4EaDC814KBF-qeh1W1r7XskGYWw4VVHZAmUeFAwkdg
date
Thu, 17 Aug 2023 14:49:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 0360 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3G8ffsoPmXBGqq4_wlnEzMydNio3ILj3GjIppt2ZD8U20VrUAI3BxYexkcI3meyJJGFX3n54
Requested by
Host: 36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
URL: https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 738F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
132745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 01:56:42 GMT
expires
Thu, 15 Aug 2024 01:56:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync.aspx
dis.criteo.com/dis/ Frame B8F0 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQbrwlhfC_bSaW8RFx07iV0Di7QP9MFq8TJeD9w_p4QaBChLRC5F6FJb8BJttwYbYqnFQvdS4wcUEMr4tKsHy62EsxKNDkT&google_gid=CAESEG308bxE8Hvkwhu2RKRlfXs&google_cver=1
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
177985
expires
Thu, 17 Aug 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB69aEE...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECDMv3FRtaGfjXZRvu982vI&google_cver=1&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwMjI2ODM4NDY5NzU2MzE0OQ&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB69a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwMjI2ODM4NDY5NzU2MzE0OQ&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB69aEES4bRdZGpNDuyRLRzbXEv
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwMjI2ODM4NDY5NzU2MzE0OQ&google_push=AXcoOmQD-OY-GVA09DEAhDFlW--71WHLFnwEX8Q--RD3h0ATV7HlmoA0BBD3fDGZd1WiYmJNCyB69aEES4bRdZGpNDuyRLRzbXEv
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_cver=1&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EA...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENzGz3gxiSwF_rvIQDDKkW0&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EA...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EAxpQTZSw_yDxpFE&google_hm=eHJtMHh3WG5rMXVNamE5W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EAxpQTZSw_yDxpFE&google_hm=eHJtMHh3WG5rMXVNamE5WHl6TU4=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:07 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSQkx3GUJ8mEzEQ8oPrE5_7gceFR0QjG11Ex7bTYo5fpaVuFI9VN3ac9nTLjUMXSwCkHijyKKoGDX9EAxpQTZSw_yDxpFE&google_hm=eHJtMHh3WG5rMXVNamE5WHl6TU4=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLj-cYe_ScS2E04wu0ynUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLj-cYe_ScS2E04wu0ynUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRfvjnxw4ewKyZKmdqgvKr1Es2dXEF5fPmtLrazxlcARgzmgFHIAlBFbuKjDAkl2jSwYtvW9aDx36uamnf_W38x4pFNbag
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLj-cYe_ScS2E04wu0ynUw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRfvjnxw4ewKyZKmdqgvKr1Es2dXEF5fPmtLrazxlcARgzmgFHIAlBFbuKjDAkl2jSwYtvW9aDx36uamnf_W38x4pFNbag
date
Thu, 17 Aug 2023 14:49:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEzLCt94mvfJvHmDCmKEhqk&google_cver=1&google_push=AXcoOmScKQH_YgnOmIZzSH5Cn6R_vJy1Ww4_QgCldnc9N2s63ROfo1kKJEQK92t7NddqB8kww_AgOaqcbcI3bfSzkt...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1ODYxMzkwMjk3NjQ0NTQ1NTY&google_push=AXcoOmScKQH_YgnOmIZzSH5Cn6R_vJy1Ww4_QgCldnc9N2s63ROfo1kKJEQK92t7NddqB8kww_AgOaqcbcI3bfSzktGi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1ODYxMzkwMjk3NjQ0NTQ1NTY&google_push=AXcoOmScKQH_YgnOmIZzSH5Cn6R_vJy1Ww4_QgCldnc9N2s63ROfo1kKJEQK92t7NddqB8kww_AgOaqcbcI3bfSzktGi6lmjW7kA
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1ODYxMzkwMjk3NjQ0NTQ1NTY&google_push=AXcoOmScKQH_YgnOmIZzSH5Cn6R_vJy1Ww4_QgCldnc9N2s63ROfo1kKJEQK92t7NddqB8kww_AgOaqcbcI3bfSzktGi6lmjW7kA
Date
Thu, 17 Aug 2023 14:49:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-ea67a503-396b-4983-9213-9a281b2e891f-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTJY1oSBHG_VOcdNASCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp&google_hm=BepnpQM5a0mDkhOaKBsuiR8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp&google_hm=BepnpQM5a0mDkhOaKBsuiR8
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 17 Aug 2023 14:49:09 GMT
Server
Tengine
ETag
RXea67a503396b498392139a281b2e891f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTJY1oSBHG_VOcdNASCFwmU-w3N8svTNadPTFTRsnnCmvgCvB_FRf2SnIOo5UCINFZgYJGm7CxYa_vAMpyyjwLcu8PjOgMp&google_hm=BepnpQM5a0mDkhOaKBsuiR8
Content-Type
text/html
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame B8F0
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENXPktYDdxkEAFzeQOfFBig&google_cver=1&google_push=AXcoOmQ0O05eQ3INv0GZ6MV7dGxdXmZKi3AueG2dhsDXvuQvtQtp06ZLAZ1Y5wu4Jqf4K57L5pxgwJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ0O05eQ3INv0GZ6MV7dGxdXmZKi3AueG2dhsDXvuQvtQtp06ZLAZ1Y5wu4Jqf4K57L5pxgwJChgF9htjKMPICWXgvPs3hL&google_hm=ODMzMDAwMD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ0O05eQ3INv0GZ6MV7dGxdXmZKi3AueG2dhsDXvuQvtQtp06ZLAZ1Y5wu4Jqf4K57L5pxgwJChgF9htjKMPICWXgvPs3hL&google_hm=ODMzMDAwMDc1MzY2Nzc5OTQzNQ%3D%3D
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ0O05eQ3INv0GZ6MV7dGxdXmZKi3AueG2dhsDXvuQvtQtp06ZLAZ1Y5wu4Jqf4K57L5pxgwJChgF9htjKMPICWXgvPs3hL&google_hm=ODMzMDAwMDc1MzY2Nzc5OTQzNQ%3D%3D
date
Thu, 17 Aug 2023 14:49:06 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame B8F0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfPjaar23zGGRG5t6Qx16oFY3HCvV62CrVQ178RbC54n0PjQ4CH_My_XyBMuRaXBicGBso
Requested by
Host: 4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
URL: https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/ Frame B7E1 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
8f70235177dc9754c007d4a54dbf6e9fb5efcba673705d95aadb46d3ac286b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
99457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2280
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 11:11:30 GMT
expires
Thu, 15 Aug 2024 11:11:30 GMT
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 720E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTVrBIQXOhrRxbPGQZnIMAAK6ASIpJrYPzit3u3z-nk1P8n77yipFhn4IQiK8UWDR_ZQkcB_Dc7ADioeFn9rGLWoWkLdEWIrnIztb5PEoYvREFHG9WMsUISZr15-NI7DJlHIX-kwnqUzKF5J0YBnnOeCHkP-_0QBBt8gAiKfxMMBgo0-Qh-rzMz9l9Pn5FLFQyBsUxsQTwi4krfTANMEYN3rmwO-AQwXiDdbefgpni5pBjkodTKCSB6nK4UtRqBZzeMQTDl6S6KM95T9sIFeCKBzz9bifSwTaGCy5JNeEAE-z0SJsaGvItWEbRf23h9ikC0m3-NCoUcwQZ_iMAd5gnZJO_toFnTmBnBvWC4b4zwqP358ExA89mZzh7YXu6CfSTpyhZRRy6MvqXM0cDtAuogadLNpTZCWzgLLrdSHQM_sE3iHiA_2ogkExhf4pCHnBizXXg5ACvaCTpaxbCbiRQOxytpYEdUAptmlvcJdDXmHolnXV_4oR7lGgvtE8E1CcE4y9rQKxbL0-2DzECA_7Q9lhE0wuIEO93IW3PROv_pgnu5aDPZu_-l3xrwmxLcF1zdV05LkScLc9r0fRIt0D9bGybUTM6DENu0yPqLuQmw7_Q20_RzWjLt64X33QVdgXSX6jMXtQHSulDilt26wVfI8mrNf7rI7u5PlNeyF6TY-O-rMLUUvowfWOh2zNrX8TOPBKJsXxgECEBP4aq6M13-y2C6v9fLr91vm_NGT9xuyZuzAOXIiuYGldGKPYau3_wpPiLUSCQIYLLIaNa0xzckTy9FEMY6ULERwzhSg12Ufq9CpJHyX24lxg5vhYKO8RwEGxRcXQ-nHjTitfcPadLp7hscEfiA5iOrnBgWB-LGRpX4-G_0GvE_kPHvSMff_FatIqC8iDUCtinPIS1RJZfLj54PPQMRgK_OgvtigfyL-soJkw5RmIsTiXDJpKXgpQkCxZ8WKgV_0f-S3MErZMx8438tElv7uIE1Ta1m7GcWoQZVnxCzke6RI_46aoCK-vFAEX47jVpIRAQDYdwf_8IPSFc1e89NH9xINicdtkndwUxgADwOQZ50lR19Fy0e2j3pWwQDeDQLqc-M-QLC_k6_BKanELxy38kt1r2VKC-l8_1WpVrx-o_bsJKeVmTp2eubxlDqHr7tCaMvvVplyDwPagAPNW5anksQ2t8UdVmQdacPyj4MmJhQH-9zFLBoh8j26yawAFO0wg_8UHwqlmH1PSZr9a4CUs8kEPh9BvqG8utBXhQ20qzXNF6Lq2_xeot3J99jZ6QTfQmwJXP&sai=AMfl-YStuo72Lcx5jzTPkfAN9ZKlrgFEOcxg46ay_ywouPxcqseIEVjJeSFCIOIZm924SXECziEicYgBZ4CKMiYlCXPfJ9y7BnfLrHqAvBwkhHK4ekWPU2zu18jJHEsiPVePjVcdAxFQJlEx1fTt5ZbFwS3asiB8xUcmpU27UPIcH6JMlXc9kd4g2bg0nz8Mq_j_ecxBcAHKwl2CkbwmZOFUwntAXeFPunP1nB4u8GOlA7SFmxT970Br5kirJmkFqETBw6OO&sig=Cg0ArKJSzCXzCs1XhnhlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=184&cbvp=1&cstd=181&cisv=r20230815.24099&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 17 Aug 2023 14:49:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:07 GMT
index.html
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/ Frame 4C7F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d37aee913986bb6f09e3356e1bcc0e820ed137ff25bdf0e6b602a40e0672cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
100672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2291
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 10:51:15 GMT
expires
Thu, 15 Aug 2024 10:51:15 GMT
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 49C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstetk69Z49TtT9DDP0DSriKeXY9v4rgXiVsSXcfyY_gnsk3GfjZi6CZEiOAoXrmCWgAeg_fIE9zvUccnP0xukNHzOI7nj1U-iXMTkAhZftqxonDGd3_1IhD6qSqU70LX8SoQuuaQ_m4glFees9Rp5zcVTbbg8OLulTvViWMhdC8LlGTT2zrxsvsnsckVdhTtBnJhg8ObjULzma_LBiSzyxHTK0eBYaatsCzFlVVVNHCYlOOXexQJ4HK0iKvRhOlVa31lOxRK5kgn199tzB5zr1CPZdLxqZzaeULGvqNcYQ73bdRf-iHsRYvPiEOYnG01UpqJNv-M6J3EZo97Tg82XNdZ25zsk0nRUeUj_BCvipKPgtzTbdc45PwZ519GE_ALHjDCp0j6tNvnF790A1D5rDlrOKExX23HPGD9c_q7TF0QfTqTkn1Xn5uEJcgb9TMo_3TG7f1XrUjKiM3Ps_tNgOpCRHSnK7_IDrOswtIUrKk5TtyJedxh6WJF2n681jbfRCKcE_EVdX8pDQI8LkbCBpTCG2QoeCC-l739crRxHQu_uC-H79cG0Uau6cTjqZ7rCuG3X0oiJnqU88Y40gNnFinpmILTVolQ3TmCPS7VjOLploDPa4sHA9ZhPvvhLos3wjSbhj0_4SglVwsNwQogemBemvPjrH6L7XkwkFKXzi2XFqH8wLh_tTPI4fCW6Aplhv-xViaZVva8SjgN4v38W3wyx01ok6eppozM_JAIeKsfETkI3JRF2OD2RC-igbjBbSQlcGFRCHvsttTUDsA2oCyNNvmyc4nkTtA-iqqoBG5cDUGwG7KCeM06gUI6IglFrzHVM7toB553eewvnYfoJSWEPLBg64i5bI7StMI3z7RqOhqONXY4GMC-KoM5S8NxYFytFC1QsF1yOF42Tm-meCsL3UUTqYJpxgtCrgxXyRSWqSyw7rsZpYAnAFv7MFf-h5CtTYyhlcJQt68V4xSc0jE6TrGPMCJrD3mfzDzYY44JMGDrRjaG5m4BoaM8GiIRi9Z41L1jBlwzvLnrq7ZCX-ONOFbvAkBXCpLxYHc7YsTpgbjPWkJNEsiNp5THnpqTo0-HYrM9kZQa8mzwp8bOUgH61q4BJ8-GudF5Y7ij-hXBB6vELkQjqjUnmMe5QDxYeBIqUDN9ky-B9d_1pAi7My67jKv3eHaJFlf57Pie1njZRo4EseXqChMv0ySB6g6CUJEI3Il4mcOAcNi73Au8CdwDwByLt3JmN8ORfgeWWmsYVsPKC6oPeQ2SM4vrEaJcK1hiT1zPtJ2fO6Zy_p78Rqoq4ckhyO27vhWu-YNCE1uyvwbY9tWwd_dukRJyWauPne4GUmcEsIlk1tugw&sai=AMfl-YSPOqv0AxYAi2vYfYlccmQTiBcCHRaYMGDAeHp7mhlhgawhWIT8AVh1chu_T8DqPnGXasImiTgMlX35r1Vt15g7tr5VPK5qN4SXGffnZywuXvLq5u8UZBbS6MyFj1ZK6sF2i8B-Jue57LbSaGrbT5b42qVH4t8xUgWDb30A8F040Nfmi-z4N136dhERvsmRdbzb7bIxXkkxVLo-wiELqUaQnD0TyomUJoXmNtqx5OnyY6mA4Du930EVCbOiv5Yib2I9-_05uYXmvoLHnvWAWSqncq9Z8THBeeFXjuqVBmaMgx5KmWZNMhYLT62e&sig=Cg0ArKJSzDviRMSTqjMtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=141&cisv=r20230815.96955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 17 Aug 2023 14:49:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:49:07 GMT
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 09A3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:43 GMT
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 738F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:43 GMT
styles.css
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/ Frame B7E1 		2 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
0703cc4545fac83194e11d16a1bb31b2baf36af44c7934d0f3a10d1725119c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 10:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
632
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 10:22:04 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B7E1 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 14:49:07 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B7E1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 14:49:07 GMT
logo.svg
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/ Frame B7E1 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
9c61c48992364c24bde80e068c4fb4abfb05ff8243cb0110502ab8ead4755233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 17:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2235
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 17:39:58 GMT
vehicle.png
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/ Frame B7E1 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/vehicle.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
95144980d4b3076ad1943c8dbf42c3b90fedde6a10a2d94f3863713f4b31abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 15:22:11 GMT
x-content-type-options
nosniff
age
84416
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174881
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 15:22:11 GMT
copy1.png
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/ Frame B7E1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
a486131426ebced1501ac2209bb585ca4a75bd43e1de577abbf213441659cede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 10:22:04 GMT
x-content-type-options
nosniff
age
102423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21586
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 10:22:04 GMT
copy2.png
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/ Frame B7E1 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
4d660d7b4bd200fd543c4819f54719a7eeb2ad327975910bca20e5a78ca5a2d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 11:11:31 GMT
x-content-type-options
nosniff
age
99456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14822
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 11:11:31 GMT
copy3.png
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/ Frame B7E1 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/copy3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
cd7cf9d4975e46d4ea45d9946c5db4fe0ce340742c6a90bdd581b5e666f41207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 11:11:31 GMT
x-content-type-options
nosniff
age
99456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32842
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 11:11:31 GMT
legal.png
s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/ Frame B7E1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/assets/legal.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
4f0eb13f2294548483e6db67f893ab629514d33b9426432da94004f0e319468a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10485017928969686469/MC_2023_Q2_JULY_ITTT_IAB_CEN_RavHybrid_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 08:57:00 GMT
x-content-type-options
nosniff
age
107527
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3290
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:13:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 08:57:00 GMT
styles.css
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/ Frame 4C7F 		2 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
0498c6013137a461c0fad55fba7437d3393078d07f551f1d58dde875c65ada24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
627
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 12:34:38 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4C7F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 14:49:07 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4C7F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 14:49:07 GMT
logo.svg
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/ Frame 4C7F 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
9c61c48992364c24bde80e068c4fb4abfb05ff8243cb0110502ab8ead4755233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 08:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2235
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 08:12:09 GMT
vehicle.png
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/ Frame 4C7F 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/vehicle.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
0382f1f366efbaf6e18e2e62662a0224533fa6ae97863bc790b75ef32c898e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 03:03:23 GMT
x-content-type-options
nosniff
age
42344
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
194921
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Aug 2024 03:03:23 GMT
copy1.png
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/ Frame 4C7F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
e0f422c803b45a3692f9c7c1c6ca2782f66ea2d0ead09010289d4f295df44155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 10:51:15 GMT
x-content-type-options
nosniff
age
100672
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19777
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 10:51:15 GMT
copy2.png
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/ Frame 4C7F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
2c8fa0569d13f919ba1cf92680fe0249338747fb4994bbed7181b9bcc6b61702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 07:55:53 GMT
x-content-type-options
nosniff
age
111194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13954
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 07:55:53 GMT
copy3.png
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/ Frame 4C7F 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/copy3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
c51df680ed83279ebf44fb0d67cdb76a2fd18be3e56bb7d773a3ef55f61427cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:51:07 GMT
x-content-type-options
nosniff
age
61080
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29129
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 21:51:07 GMT
legal.png
s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/ Frame 4C7F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/assets/legal.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
4f0eb13f2294548483e6db67f893ab629514d33b9426432da94004f0e319468a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15071300065438017891/MC_2023_Q2_JULY_ITTT_IAB_CEN_CorollaHybrid_300x250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:22:21 GMT
x-content-type-options
nosniff
age
62806
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3290
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 19:12:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 21:22:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 720E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTVrBIQXOhrRxbPGQZnIMAAK6ASIpJrYPzit3u3z-nk1P8n77yipFhn4IQiK8UWDR_ZQkcB_Dc7ADioeFn9rGLWoWkLdEWIrnIztb5PEoYvREFHG9WMsUISZr15-NI7DJlHIX-kwnqUzKF5J0YBnnOeCHkP-_0QBBt8gAiKfxMMBgo0-Qh-rzMz9l9Pn5FLFQyBsUxsQTwi4krfTANMEYN3rmwO-AQwXiDdbefgpni5pBjkodTKCSB6nK4UtRqBZzeMQTDl6S6KM95T9sIFeCKBzz9bifSwTaGCy5JNeEAE-z0SJsaGvItWEbRf23h9ikC0m3-NCoUcwQZ_iMAd5gnZJO_toFnTmBnBvWC4b4zwqP358ExA89mZzh7YXu6CfSTpyhZRRy6MvqXM0cDtAuogadLNpTZCWzgLLrdSHQM_sE3iHiA_2ogkExhf4pCHnBizXXg5ACvaCTpaxbCbiRQOxytpYEdUAptmlvcJdDXmHolnXV_4oR7lGgvtE8E1CcE4y9rQKxbL0-2DzECA_7Q9lhE0wuIEO93IW3PROv_pgnu5aDPZu_-l3xrwmxLcF1zdV05LkScLc9r0fRIt0D9bGybUTM6DENu0yPqLuQmw7_Q20_RzWjLt64X33QVdgXSX6jMXtQHSulDilt26wVfI8mrNf7rI7u5PlNeyF6TY-O-rMLUUvowfWOh2zNrX8TOPBKJsXxgECEBP4aq6M13-y2C6v9fLr91vm_NGT9xuyZuzAOXIiuYGldGKPYau3_wpPiLUSCQIYLLIaNa0xzckTy9FEMY6ULERwzhSg12Ufq9CpJHyX24lxg5vhYKO8RwEGxRcXQ-nHjTitfcPadLp7hscEfiA5iOrnBgWB-LGRpX4-G_0GvE_kPHvSMff_FatIqC8iDUCtinPIS1RJZfLj54PPQMRgK_OgvtigfyL-soJkw5RmIsTiXDJpKXgpQkCxZ8WKgV_0f-S3MErZMx8438tElv7uIE1Ta1m7GcWoQZVnxCzke6RI_46aoCK-vFAEX47jVpIRAQDYdwf_8IPSFc1e89NH9xINicdtkndwUxgADwOQZ50lR19Fy0e2j3pWwQDeDQLqc-M-QLC_k6_BKanELxy38kt1r2VKC-l8_1WpVrx-o_bsJKeVmTp2eubxlDqHr7tCaMvvVplyDwPagAPNW5anksQ2t8UdVmQdacPyj4MmJhQH-9zFLBoh8j26yawAFO0wg_8UHwqlmH1PSZr9a4CUs8kEPh9BvqG8utBXhQ20qzXNF6Lq2_xeot3J99jZ6QTfQmwJXP&sai=AMfl-YStuo72Lcx5jzTPkfAN9ZKlrgFEOcxg46ay_ywouPxcqseIEVjJeSFCIOIZm924SXECziEicYgBZ4CKMiYlCXPfJ9y7BnfLrHqAvBwkhHK4ekWPU2zu18jJHEsiPVePjVcdAxFQJlEx1fTt5ZbFwS3asiB8xUcmpU27UPIcH6JMlXc9kd4g2bg0nz8Mq_j_ecxBcAHKwl2CkbwmZOFUwntAXeFPunP1nB4u8GOlA7SFmxT970Br5kirJmkFqETBw6OO&sig=Cg0ArKJSzCXzCs1XhnhlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=555&vt=11&dtpt=371&dett=3&cstd=181&cisv=r20230815.24099&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 14:49:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 49C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstetk69Z49TtT9DDP0DSriKeXY9v4rgXiVsSXcfyY_gnsk3GfjZi6CZEiOAoXrmCWgAeg_fIE9zvUccnP0xukNHzOI7nj1U-iXMTkAhZftqxonDGd3_1IhD6qSqU70LX8SoQuuaQ_m4glFees9Rp5zcVTbbg8OLulTvViWMhdC8LlGTT2zrxsvsnsckVdhTtBnJhg8ObjULzma_LBiSzyxHTK0eBYaatsCzFlVVVNHCYlOOXexQJ4HK0iKvRhOlVa31lOxRK5kgn199tzB5zr1CPZdLxqZzaeULGvqNcYQ73bdRf-iHsRYvPiEOYnG01UpqJNv-M6J3EZo97Tg82XNdZ25zsk0nRUeUj_BCvipKPgtzTbdc45PwZ519GE_ALHjDCp0j6tNvnF790A1D5rDlrOKExX23HPGD9c_q7TF0QfTqTkn1Xn5uEJcgb9TMo_3TG7f1XrUjKiM3Ps_tNgOpCRHSnK7_IDrOswtIUrKk5TtyJedxh6WJF2n681jbfRCKcE_EVdX8pDQI8LkbCBpTCG2QoeCC-l739crRxHQu_uC-H79cG0Uau6cTjqZ7rCuG3X0oiJnqU88Y40gNnFinpmILTVolQ3TmCPS7VjOLploDPa4sHA9ZhPvvhLos3wjSbhj0_4SglVwsNwQogemBemvPjrH6L7XkwkFKXzi2XFqH8wLh_tTPI4fCW6Aplhv-xViaZVva8SjgN4v38W3wyx01ok6eppozM_JAIeKsfETkI3JRF2OD2RC-igbjBbSQlcGFRCHvsttTUDsA2oCyNNvmyc4nkTtA-iqqoBG5cDUGwG7KCeM06gUI6IglFrzHVM7toB553eewvnYfoJSWEPLBg64i5bI7StMI3z7RqOhqONXY4GMC-KoM5S8NxYFytFC1QsF1yOF42Tm-meCsL3UUTqYJpxgtCrgxXyRSWqSyw7rsZpYAnAFv7MFf-h5CtTYyhlcJQt68V4xSc0jE6TrGPMCJrD3mfzDzYY44JMGDrRjaG5m4BoaM8GiIRi9Z41L1jBlwzvLnrq7ZCX-ONOFbvAkBXCpLxYHc7YsTpgbjPWkJNEsiNp5THnpqTo0-HYrM9kZQa8mzwp8bOUgH61q4BJ8-GudF5Y7ij-hXBB6vELkQjqjUnmMe5QDxYeBIqUDN9ky-B9d_1pAi7My67jKv3eHaJFlf57Pie1njZRo4EseXqChMv0ySB6g6CUJEI3Il4mcOAcNi73Au8CdwDwByLt3JmN8ORfgeWWmsYVsPKC6oPeQ2SM4vrEaJcK1hiT1zPtJ2fO6Zy_p78Rqoq4ckhyO27vhWu-YNCE1uyvwbY9tWwd_dukRJyWauPne4GUmcEsIlk1tugw&sai=AMfl-YSPOqv0AxYAi2vYfYlccmQTiBcCHRaYMGDAeHp7mhlhgawhWIT8AVh1chu_T8DqPnGXasImiTgMlX35r1Vt15g7tr5VPK5qN4SXGffnZywuXvLq5u8UZBbS6MyFj1ZK6sF2i8B-Jue57LbSaGrbT5b42qVH4t8xUgWDb30A8F040Nfmi-z4N136dhERvsmRdbzb7bIxXkkxVLo-wiELqUaQnD0TyomUJoXmNtqx5OnyY6mA4Du930EVCbOiv5Yib2I9-_05uYXmvoLHnvWAWSqncq9Z8THBeeFXjuqVBmaMgx5KmWZNMhYLT62e&sig=Cg0ArKJSzDviRMSTqjMtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=514&vt=11&dtpt=371&dett=3&cstd=141&cisv=r20230815.96955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 14:49:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 09A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bko5VYzPeZNCQArXDoPwPne6X-AoAAAAAOAHgBAI&bg=!tbaltuLNAAZGPLJIZjw7ADkAdvg8WtgiJWqgb90zU9EnDeuI5SnYbx7lwTZvT6cGNGQ83-3rkvKB0JAtmQDlon4ptN-cRpewxkACAAABDVIAAAAGaAEHmQMMI7fkvGKuGANa-zC8sQ8Qh0jm4q4EQyCoZdVBMUi7UvHFRy4RKOvB_ma0j0n6HlQOW8RBfh_RB8aVRJUkEUXZqcmMUandtHXpdxoGWv8OJ7y4BcoPYAN_gZ0YCSjpJ0CqW05MTnOFrEONy2T2nkPbTrvOKn89a5nojeu1JT7eBuTRGVHcXkksEwiUKqwxqq9CBNDpxNbHrPJgg-5vviJfU0-vv9MEN0euE7EY098cq_VLu080dIfQhfE2_jLwbFWEtpaNfDtyP1r6jv0mYQHQylBRGDbF3JrODlTVKBTPnhdhj1pTls9Y0RcwHfkBCSUy-TUaXUs7-96DivViat9YYSNrNMHMkAxQ_edUdwvWqehRpya85keaacdFh82pinBwAFOReZUiukyTauDls09LoMBeUSDEuYkGHJFVcp6oQ0CjdAMmUzbUxc2oAtndaLF6Gz3fPeUtjhTeFR5vj5FzrynavC4tKyzYFH2S5-tOfJFuq06g-XCn3xFoMwU44xCUJiX3Bk4PHOd0Uk17fAe-pJwIrYnIwYc3dmSTPg46gaM4IOLuC9OMyuHZIVrVMIPs6D2fRuDNh37v_ShbTRPVbhyJmngfKE-hjyA9ir1EUJZ_SJjlkjAyDWDFXwop0SuXyGdCZPe_rLrqSFPpfpdSKwl6emKiwuOuhOa7j38NFjDKYFNd0sfa5qu8932PjvvWUXNET3Qa9pDwxW2_VruURD3Eqw9OR5M1aURVouV9mC0KSD-TUNm9NVp3GjeeKPAxeNUSt4ZWcFouPegfcscnxf5468a0-xNOPluCrYsxMgan4i_Lyl5aZdU8KxdbiB-iF-mbBjTP8V0yk4Tx9wM4IR6yIeV_wSxNHRHUGx4qAhWp3IRRcoPAuabFgz7dNBZbt_uhI0hFPPdslvrVzY1WjS49ot1YHGijoLN8dlPAa6AepjAsKziwpoBOcA20n78EnhCwQ0I1K7SFOPgcPD_dJ0TkRvbVvqAfuX3biMZhlunToJHaK_9bt15Usz1Qi2uu8vKbxuZxVIbxcHOC
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 79EB 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
an-x-request-uuid
a175aca9-7cb7-4c58-a9a1-774fa1bcf071
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 738F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqUWqYzPeZKT7A9HqzwWWo46YBAAAAAA4AeAEAg&bg=!j4yljNjNAAZGPLJIZjw7ADkAdvg8WiKwtg8SQfM9oldmHhAztEDyycKofY4U81tGBwc-2ElorBX-7OF9n33FVj9N90YsT5WcN3sCAAABFFIAAAAHaAEHCgBf4QObe3ltutsJlcTVXE7xoZ66EFjvgzIWtaQyzD3DU3XGjM_-UY5MrPmHuIq_zsu1sakqP7ezLxpnhx9qKQgabWmLRAV1C5SW4sSagexN1JlE0UDuBoq1VXVH_G2az6iZAxqVA5Ze1wR663Uu5ZLKYo3EfSLNKgQXfbdLwrYZdbdQvirhgUYjgtIwwBln-5DsgvvIOUMIRxsgldh2BVSZFHFezAgeyDoAACW0DFzoyfdfHIVDgbp0NSXhCqezIZbG1fTyh_oJfkw4eBZp4tQAznxpQ917bFL5dgnOV1WCwsTvdzhozTDt32rqRZEqDskFcwTfC93aYAErqJfMVSyOm7cl6vMZOi9RZ-w7KW_dgxOc68KkYW-dmAhYno5PZmcZFXksVie38rvaD5v1czFKxOdC-95wxB0KEyxi3gBLphinppyTkhe2qTI2EOG7WP-XVwkTW1RDm0m4q1hi-Tj9OZkJy49bT-eOrgtf1rU8p-9MPZ46IzbaOQaTSSFHDAPkPMH2YII7xWkkDJUOBIbgXddKpZeMPpiqODtW7nvg5nt5C4OmFyrY0dPZGAmXXUVE40YC4YXeGBHvfsx3IhXLwAkOUby2dGQYEUhSqcqPLsaob07guLAjDcuDfOhHQ9u059RMEM8qVxp16hwt2WFJgyG8cpeIrAAOGk2mMcEzIl63UXP4ch6IOrm0AfMpDe29iQ0Lm_1H_GnvzmxlKypUL6419cYS6u7Gzrhs04BDWTKuVZICkRyyjRtRiweiGdb9GjziRO5RSM-BT-ewHMVs-jrRT61B10KJNUGcfG7k3NJ7k2KmYxptaoY4q4_NtwL5yHhMOvZDtAidyQtGzYbIVfkdo0HGyLhjoXR7gG2bs2WOCuYrTGmQhx9a8e9QCuDOeX2Jk70sQjO672ah480GD_L98YyAaGrNP4v1wDuQE1tGQWGKeyP-E39XA6Dblwf0mUekHAoUl5u9ESsmX9_kTFulJFg3cVghWCjEoBn271XyEvEhRSo5B-KR2_VnYVtYV4xz6TwjnFMvpYnUYjI0cTeEHYw1d0qRyzdNuJ8lUi0aCqTessounYSXHJ0V5Ba76rp42CcJ3BVENhTP9YzFaYHQxL9NKu2ZvCYw4cLfKnJ_f-cf1FVpthZT0VwIRwgDKyn4wxlaLDA3gD16Ws7z5HoR__cY0fLKJdlItg
Requested by
Host: www.kooora.com
URL: https://www.kooora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 720E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9SAbg1Df_foUEZXPbacy0NYLWTV-oW5yHWDqH4Z7Ox_m9MGZl-SNB3u9ipQJ9MUt3Qlj1VYvuE8WkYOepr5lOerRCfmvbfda0y6z014spz3IPDX2wj9YvescxVm4hkmevLidq6PTNpA&sai=AMfl-YRpIl1H9ZM5DTint2FvXHrNKCOGgH3uf_ajOTEVrmc9EJTJZ0IFmjJjNmBVh8e_MNrFMqp4Qg_rQbS8dyQxBlwT_aDorikf4fEXdrOnWjZDeVndYXescK15NQA&sig=Cg0ArKJSzPxK3DzoVW1sEAE&cid=CAQSOwBpAlJWdml5ZpYDkpm-6cxg_81jjsmyzo1LifDwHjnxUAuEv_u4Qt4ojuJVrPOxVt8f3mt6DXaJLYoJGAE&id=lidar2&mcvt=1000&p=80,436,170,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1957218521&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692283743504&rpt=3709&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 49C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFiWXQzUKP8IoJR6aNQxJIkixufiyHrsHQXieARB5TNePbQoyAozC5NB2ezwqB_fxMMIaQkWME24kEN7Rdb10fSZWLQ7QeJxDRI1s-a_K3W8bvMRipqXcdKV9w-2YdfuoXtwAH5YWsow&sai=AMfl-YT_HKTkKU0aNJHDxSEb-U57M2186te4DOrpVDeLSoKd103REu9t0PQj1C_H5JZJs5PZ-9XDoSKm5qd1nGYxPCveUACP1oXMe8gwS9k5jGZXlu8fPeFZQKxEXcY5Y3GuLYbMTFTiWS_f5P9VCKo&sig=Cg0ArKJSzNMV3BdsTts7EAE&cid=CAQSTQBpAlJWLNiFPOFlN3hqurXRP64bWJnUtl_xSf2XZPm2JnwNUFYD7TZth92BizIUMqYkxkoawAs0grPPm309NuBEr7WArVwdKy6JivEEGAE&id=lidar2&mcvt=1000&p=527,149,777,449&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1210273051&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692283744473&rpt=2808&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 720E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=812111852920&version=m202307240101&ct=76&x=1&cor=4969778399087644000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6746548046737&version=m202307240101&ct=76&x=1&cor=5514293255710982000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame FF02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aVN3akN3OE1BN3p4alM2a3BINDJwdw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKvvhD9yHZpK-0dDsWuDWeI&google_cver=1
49 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKvvhD9yHZpK-0dDsWuDWeI&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-ktjhm
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKvvhD9yHZpK-0dDsWuDWeI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame FF02
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=6815b39096d0051b&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAB5r9OBbWjzQMo-_DaAAAAAAA&expiration=1692370149&nuid=&is_secure=true
49 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAB5r9OBbWjzQMo-_DaAAAAAAA&expiration=1692370149&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-ktjhm
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAB5r9OBbWjzQMo-_DaAAAAAAA&expiration=1692370149&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame FF02 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=A4xpGIB3vnmN&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E1PRJ4D6694NJ97TAGF8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
679dc2efc8cd7cdac066ac36fdbdbd59206d5890391e1f8d182cd07142cee4f8

Request headers

Referer
https://www.kooora.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 17 Aug 2023 14:49:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.kooora.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
usermatch
ssum-sec.casalemedia.com/ Frame 1AEC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
583c62c4e65663d4664b3c51da96ee4f204b51f892b1266e8c2bb69f8437e720

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f82b8dafffda1ea-YYZ
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 14:49:09 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q84gen4LNdrJ7s%2BlU1yJm97y9aJurvA6vjM6I%2Buv8%2FM9x61EgS3dp0KPwV%2FKVCBUyuKRv9296CZI%2B5j4FiQBw4BwOyEKbVry7FlPqFvuKVxN6o1GPPsR6foH5qSJufmWGVardB9NIoY%2B3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 6694 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14120383&p=160521&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d58c6923ff2fc30be6c53f9bb70ade9119c70fc894a9ae2dd04326be33969217

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 14:49:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ZN4zX8l3BI2lD4f-iBTJdgAABN4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1AEC 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN4zX8l3BI2lD4f-iBTJdgAABN4AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.18.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-18-162.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 1AEC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8694686486495607686
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8694686486495607686
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt5%2BxUvkPRkA0RWSgmsn1w8CmPjH9rtpOGe3z8sMd0l71ex5nQ8gA%2BUZx6hNwoc0HdR3P1gCn8jId3K0gJ0viZMeLLRh7cyDAQ%2FdcLIcFky7T1I80T3UwIRekU%2Fv7USWBE7K03y%2FG10mKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8dbf8f5a1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
an-x-request-uuid
2a415bdb-574e-49e5-affe-6add0de9d922
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8694686486495607686
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1AEC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4zYwAAADl7zgBV
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4zYwAAADl7zgBV
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IlNVM8grChE39cgFkncMkCped5Oc1bnHaTD7LsPfOD4CpNTe2i6p12Lw64qEb%2BVawpYIedN1HFXRw%2BxAX4apZxEjX8DSbdyzN3%2FcEyK31qYwdM84m%2F2vk1vBrmFjSBw1%2FrV0QPWWEPDkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8dc1908a1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-yyz4521-YYZ
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692283750.728936,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4zYwAAADl7zgBV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 1AEC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9219230932514937087
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9219230932514937087
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rQxNOGbQA7PrjdYf6DT5jAZBEGOzmRCc32YiItaQ2CON0ywbsYiJT1Y0SKofxoRLuT5FXo%2FTsGP9%2BbPGpHokJNVVh0pd6FzSYfsKFb9vS5pyYAF0o5B%2B0pEBvSKpR0iGmQdJDoub6APkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8de3b6ca1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9219230932514937087
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1AEC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=xrm0xwXnk1uMja9XyzMN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26DSNUYHQ...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xrm0xwXnk1uMja9XyzMN
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xrm0xwXnk1uMja9XyzMN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUj6c7HhcU4d3YrdYb9S28%2BfV1p5GskBxhJfrRsfWJO6KC5F46uJSs%2Fqu6yHVNIXzvbTomdwtdAwQF1iLZQaz6f7ANL36QVr4MjP6uRWjHs4lymyVWfIKydvL4VZMxttiG8s71%2FgGfdMZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8dd7a90a1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:09 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xrm0xwXnk1uMja9XyzMN
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 1AEC 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZN4zX8l3BI2lD4f-iBTJdgAABN4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:11 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692283751002040-625
rum
dsum.casalemedia.com/ Frame 1AEC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c9420533-3b59-40f6-b4a8-ccf8a952b639&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 17 Aug 2023 14:49:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 1AEC
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=b10ce1869d5a4ec1bf94cebb4944b725&expiration=1694875751
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=b10ce1869d5a4ec1bf94cebb4944b725&expiration=1694875751
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2bvSG24ZvzCmNJtj7KcGF%2BpZRDc5CS6nlk1TBRmr7AyKXuMd6oIDsu%2BwkLJd2Wb%2FhNJC4Vh458bv0b8tivwWF6WITKssncVEPWQvKKhGt5JNbWSBhVgT0uH2U5CCJoTGOCTGktEsikonw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f82b8e5bd2aa1ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:11 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=b10ce1869d5a4ec1bf94cebb4944b725&expiration=1694875751
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1AEC 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZN4zX8l3BI2lD4f.iBTJdgAA%261246
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kooora.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:11 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
1832
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f82b8e5790e3705-YYZ
content-length
43
expires
Fri, 18 Aug 2023 14:49:11 GMT
dcm
s.amazon-adsystem.com/ Frame 16A0 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=48B8FE71-87BF-49C4-B613-4E30BB4CA753&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AJQ7ABFKTJMHHB8ZE1JS
Pug
image2.pubmatic.com/AdServer/ Frame EDAB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUGJrN0p2R2NBQUNqUHY2SDYyQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AACSYE7JvGcAACSJx0ka_g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D5F59504996924B16A617F7F0FD30CB04%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=5F59504996924B16A617F7F0FD30CB04&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AACSYE7JvGcAACSJx0ka_g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACSYE7JvGcAACSJx0ka_g&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACSYE7JvGcAACSJx0ka_g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8330000753667799435&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACSYE7JvGcAACSJx0ka_g&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACSYE7JvGcAACSJx0ka_g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 10:13:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 14:49:10 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACSYE7JvGcAACSJx0ka_g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 23DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8694686486495607686&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8694686486495607686&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
079ba7aa-1823-4d27-a890-41d8634611dd
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:09 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8694686486495607686&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6694
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SLj-cYe_ScS2E04wu0ynUw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:09 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=79189
accept-ranges
bytes
content-length
5606
expires
Fri, 18 Aug 2023 12:48:58 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 6694
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=48B8FE71-87BF-49C4-B613-4E30BB4CA753
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=847b7d9c-55d6-42cc-9691-075eba001ca9&ttd_puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=847b7d9c-55d6-42cc-9691-075eba001ca9&ttd_puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=847b7d9c-55d6-42cc-9691-075eba001ca9&ttd_puid=9a5d171d-aafb-4508-b46b-f03ccade1bf4%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 6694 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2048B8FE71-87BF-49C4-B613-4E30BB4CA753&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 6694
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 14:49:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 17 Aug 2023 14:49:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 6694
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDhCOEZFNzEtODdCRi00OUM0LUI2MTMtNEUzMEJCNENBNzUz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6694
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWqrJuDMu4RWOxwWwbAwbA&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWqrJuDMu4RWOxwWwbAwbA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWqrJuDMu4RWOxwWwbAwbA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6694
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F06F4657B4DC41A98AF08A5C4D894A39
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F06F4657B4DC41A98AF08A5C4D894A39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 17 Aug 2023 14:49:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F06F4657B4DC41A98AF08A5C4D894A39
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 16 Aug 2023 14:49:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6694
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=
42 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=847b7d9c-55d6-42cc-9691-075eba001ca9&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
48B8FE71-87BF-49C4-B613-4E30BB4CA753
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6694 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/48B8FE71-87BF-49C4-B613-4E30BB4CA753?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.18.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-18-162.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 6694
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nWgoDv9E2uVPMZkxYa44vzS259qj_Gc-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nWgoDv9E2uVPMZkxYa44vzS259qj_Gc-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nWgoDv9E2uVPMZkxYa44vzS259qj_Gc-~A&gdpr=0
date
Thu, 17 Aug 2023 14:49:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 6694
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9147173338477009151&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9147173338477009151&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9147173338477009151&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 17 Aug 2023 14:49:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
simage4.pubmatic.com/AdServer/ Frame 6694 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160521&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 70B3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56675933&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2da2f21f51f34d780256626fd1b70601aa08e07cb6ff82c2a2d06617e50a2705

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E843
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 17 Aug 2023 14:49:12 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 64FC 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4521-YYZ
x-timer
S1692283753.690649,VS0,VE40
141
match.deepintent.com/usersync/ Frame 922A 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
image2.pubmatic.com/AdServer/ Frame 783B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 17 Aug 2023 14:49:12 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync.aspx
dis.criteo.com/dis/ Frame 3802 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:49:12 GMT
expires
Thu, 17 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
431014
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersync
usersync.gumgum.com/ Frame 6C97 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=48B8FE71-87BF-49C4-B613-4E30BB4CA753
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:12 GMT
Expires
0
Pragma
no-cache
insync
thrtle.com/ Frame 70B3
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7fa69c18-7a86-4e99-a41c-386ce5ab6719
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7fa69c18-7a86-4e99-a41c-386ce5ab6719
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
34.201.190.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-190-211.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 17 Aug 2023 14:49:12 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7fa69c18-7a86-4e99-a41c-386ce5ab6719
date
Thu, 17 Aug 2023 14:49:12 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 70B3 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 70B3 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.104.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-104-173.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:13 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 70B3 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.44.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-44-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 17 Aug 2023 14:49:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 70B3
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=8e4407dc537050b&is_secure=true&networkId=17100&version=1&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAByq5L7778LwNA_Lk1AAAAAAA&expiration=1692370152&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAByq5L7778LwNA_Lk1AAAAAAA&expiration=1692370152&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAByq5L7778LwNA_Lk1AAAAAAA&expiration=1692370152&nuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 70B3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=29b525d6-da02-4f20-a36a-8e59bebcbb13&gdpr=0&gdpr_consent=
1 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=29b525d6-da02-4f20-a36a-8e59bebcbb13&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=29b525d6-da02-4f20-a36a-8e59bebcbb13&gdpr=0&gdpr_consent=
Date
Thu, 17 Aug 2023 14:49:12 GMT
Connection
keep-alive
X-CI-RTID
016f544b-bd8a-479f-940f-0d106580be3e
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 70B3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=0&gdpr_consent=&gdp...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=847b7d9c-55d6-42cc-9691-075eba001ca9
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=eef860ad-3fd7-3b57-ad0e-cf11e4069552&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=25eb8aba-fd6b-4643-b4cb-d725fb46b102&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594929237477654731&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=25eb8aba-fd6b-4643-b4cb-d725fb46b102
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=eef860ad-3fd7-3b57-ad0e-cf11e4069552&ssp=pubmatic&bsw_param=25eb8aba-fd6b-4643-b4cb-d725fb46b102
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&gdpr_pd=
1 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=25eb8aba-fd6b-4643-b4cb-d725fb46b102&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 17 Aug 2023 14:49:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 70B3 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.85.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-85-110.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:13 GMT
sn.ashx
pmp.mxptint.net/ Frame 70B3
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_1078E4722_1D55926A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-375288531; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 17 Aug 2023 14:49:12 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-375288531; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 17 Aug 2023 14:49:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 202B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81612157&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
feef3f93bc5c39762b41a841a785dfecf36d7337d5769b4d96cfb7565096ed1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 14:49:12 GMT
content-length
1801
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 6694 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6258521&p=160521&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
39c30816a09db9640de815aff15a3862571b139f097858b4d4a99ab93860bff9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 14:49:12 GMT
content-length
2026
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 4798
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OR_pt0ynUoFBNzJ13jDD9yUT1Pg&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OR_pt0ynUoFBNzJ13jDD9yUT1Pg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 14:49:13 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OR_pt0ynUoFBNzJ13jDD9yUT1Pg&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame E2D1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:d4KtuCeP1QwEjf5&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:d4KtuCeP1QwEjf5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 14:49:13 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:d4KtuCeP1QwEjf5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-004b803653beae686@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame BC54
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314642188303661
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314642188303661
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 17 Aug 2023 14:49:13 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314642188303661
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame DFB6
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=860b3603-30dd-416c-abf4-97176d480e99&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=48B8FE71-87BF-49C4-B613-4E30BB4CA753
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=48B8FE71-87BF-49C4-B613-4E30BB4CA753
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.73.155 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:14 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 17 Aug 2023 14:49:12 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=48B8FE71-87BF-49C4-B613-4E30BB4CA753
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 7271 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID48B8FE71-87BF-49C4-B613-4E30BB4CA753
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 14:49:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
G3DTEG21K6CSRNY8JG3Y
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 202B 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.102.189 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 14:49:13 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
3bcace00-3d0d-11ee-b0d6-061a314f4b8f
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-02e46cb793c33cb1a
712188.gif
idsync.rlcdn.com/ Frame 202B 		0
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=48B8FE71-87BF-49C4-B613-4E30BB4CA753/gdpr=0/ Frame 202B 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=48B8FE71-87BF-49C4-B613-4E30BB4CA753/gdpr=0/gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.30.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-30-187.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.169
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 202B 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:49:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
image2.pubmatic.com/AdServer/ Frame 202B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f60de19e-9eaf-48a6-b55e-9ccbdab60599-64de336a-5541&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f60de19e-9eaf-48a6-b55e-9ccbdab60599-64de336a-5541&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:13 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f60de19e-9eaf-48a6-b55e-9ccbdab60599-64de336a-5541&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 202B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3900458072299293864
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3900458072299293864
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_ox-db5_smrt_n-Tappx_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_rbd_ppt_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 14:49:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3900458072299293864
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 48F4
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 14:49:12 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
a.tribalfusion.com/ Frame 5970 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0292
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 17 Aug 2023 14:49:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame DADA
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815041026299
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815041026299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815041026299
Pug
image2.pubmatic.com/AdServer/ Frame 9C0F
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU7e63d4cd251d4d249033d87836485c8d&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU7e63d4cd251d4d249033d87836485c8d&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU7e63d4cd251d4d249033d87836485c8d&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 4732
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=748087696
  • https://sync.1rx.io/usersync/turn/9147173338477009151?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ea67a503-396b-4983-9213-9a281b2e891f-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea67a503-396b-4983-9213-9a281b2e891f-005
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea67a503-396b-4983-9213-9a281b2e891f-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 14:49:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 17 Aug 2023 14:49:12 GMT
ETag
RXea67a503396b498392139a281b2e891f005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea67a503-396b-4983-9213-9a281b2e891f-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame 86E2 		43 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 14:49:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pubmatic
gocm.c.appier.net/ Frame 5F79 		0
0
15
mweb.ck.inmobi.com/sync/ Frame BBA2 		0
0
/
bpi.rtactivate.com/tag/ Frame 6694 		0
0
75145
i.liadm.com/s/ Frame 6694 		0
0
qmap
sync.crwdcntrl.net/ Frame 6694 		0
0
/
io.narrative.io/ Frame 6694 		0
0
apn
ads.playground.xyz/usersync/ Frame 6694 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.kooora.com
URL
https://www.kooora.com/cdn-cgi/challenge-platform/scripts/invisible.js
Domain
gaae.hit.gemius.pl
URL
https://gaae.hit.gemius.pl/xgemius.js
Domain
script.4dex.io
URL
https://script.4dex.io/adagio.js
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Domain
ssp.api.tappx.com
URL
https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Domain
amazon-tam-match.dotomi.com
URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Domain
players.brightcove.net
URL
https://players.brightcove.net/6286608028001/default_default/index.min.js
Domain
cs-server-s2s.yellowblue.io
URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJbwLXTPeZIfZIOesoPMPgK2_kA6-hsO1cvyU-9m5EaO_5u2nPxABIJ_fz4EBYP2gmYHoA6AB6f31zwPIAQngAgCoAwHIAwqqBNwBT9BNBtoappDtTD6GKHI49A58_-uG1nsOLdBK-xEcr6MucmS90NN-Uw6TN4hHQnUSYVNeyG9Q91UEeEX3mRHmRRb6ZvCiuJk5MrgwWw30yU2_owSm9ZNmYXONuzQz5Rg4k9f--civclQlXhl7El7q__9DhxvVJn3ZA80K3e4JXyGZw8IrIq9lAsp0UYI7tznwNmHCS0uefJN86grvpOfR9jLU_S7dLgmSLKtrqPtNsYdrenyf3XCn-6u_CIzS3nkCONxT-_5T3oyGhta76Tz2YcozjknEZAeKciSvUcAE_sew86wE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4qaxJwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3M0I0ggUCIBhEAEYHTICigI6AoBASL39wTqaCTtodHRwczovL3NlYXJjaGZhdm9yaXRlcy5uZXQvaW5kZXgucGhwP3JnaWQ9NzAzNTU2JnN1Yj1nY2xpZIAKA8gLAdoMEAoKELDp3ob1l_eCExICAQPYEwyIFAHQFQGAFwGyFx4KHAgAEhRwdWItODE5NTU4NTQ3MzQ1NjYxNRiavno&sigh=q1WPrdtMeVI&uach_m=[]&ase=2&cid=CAQSSwBpAlJW2dAMmA-XSFDQdugIXOVij151dv1t_w5c8jwHpN56W92mgBPIH6FBDlefrBnHEXr-8QPGwdZPA60h8tzhzYoG9IXC4leHxBgB&template_id=5000&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkWwlN-_KlHZPTjSFzEE593dMWKjxJOgEuxTvLSdw6xEXjbkwT3evp5ymbgCVaz41vsXgD5Zx0-qoNmOB3MfrlXqBMPxUJFEsIJg7MMLWEk1LlSdmU&sig=Cg0ArKJSzO0J6mtSPhcFEAE&id=lidartos&mcvt=201&p=527,149,777,449&mtos=201,201,201,201,201&tos=201,0,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4055398765&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692283742979&rpt=263&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kooora.com%2F&domain=www.kooora.com&cw=1&pbt=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kooora.com%2F&domain=www.kooora.com&cw=1&pbt=1&lsw=1
Domain
id5-sync.com
URL
https://id5-sync.com/api/config/prebid
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/712188.gif?partner_uid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
mweb.ck.inmobi.com
URL
https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
Domain
bpi.rtactivate.com
URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Domain
i.liadm.com
URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=48B8FE71-87BF-49C4-B613-4E30BB4CA753
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=48B8FE71-87BF-49C4-B613-4E30BB4CA753&gdpr=0&gdpr_consent=
Domain
io.narrative.io
URL
https://io.narrative.io/?companyId=673&id=pubmatic_id:48B8FE71-87BF-49C4-B613-4E30BB4CA753
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_8555466 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedchoueirigroupheaderdfp445340272806 object| moatPrebidApi object| lngtd object| pbjs object| apstag function| admiral object| permutive function| $ function| jQuery string| ballonDOrBox function| $K function| setDimensions function| noTeamSearchResults function| noPlayerSearchResults function| grNone function| showEvents function| showFields function| pickEvents function| hideFields function| pickHalf function| pickPosition function| buildSignal function| buildDL function| drawRanksTable function| drawMatchDateSelector function| drawMatchesList boolean| sponsored string| pp_gemius_identifier function| wt1 function| ftr function| openCountryDialog function| drawHomePage1 function| drawCountryPage1 function| drawSportPage1 function| drawNewsList function| drawNewsPage1 function| drawCompHomePage1 function| drawObjHomePage1 function| drawCompTeamPage1 function| drawCompStadiumPage1 function| drawCompPhotoPage1 function| drawFavCompsBox function| ischecked function| getvalue function| submit function| writeChampions function| ScorersList function| writeScorers function| teamSearchForm function| TeamSearchResults function| playerSearchForm function| PlayerSearchResults function| groupingTableStart function| groupingHeader function| groupingItem function| grS function| ExFrameStart function| ExFrameEnd function| GenericPageStart function| GenericPageEnd function| drawRecentEvents function| mapMatchBox function| fbAsyncInit function| fbq function| _fbq function| declareMatchTimeline function| FreezeTable function| jQueryBridget function| EvEmitter function| getSize object| fizzyUIUtils function| Unidragger function| imagesLoaded function| Flickity function| iFrameResize number| he_page object| dataLayer object| _comscore string| kURL string| GoogleAnalyticsObject function| ga number| catter boolean| dfp number| tz string| bow number| bov number| dev boolean| discuss string| spm object| marquee string| emenut boolean| flk boolean| bot string| emenum object| content_box object| match_box string| video_list string| countrypage object| news object| comps object| related_events object| extraboxes number| surveyID string| surveyQ object| surveyOptions number| surveyMin number| surveyMax number| surveySum number| surveyRunning object| signal number| centreAdID number| centreAdWidth number| centreAdHeight object| _qevents object| confiant object| novatiqSegsInstream object| __cfBeacon function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| 4dm1r11545242527 object| google_tag_manager object| google_tag_data object| FB object| gaplugins object| gaGlobal object| gaData object| COMSCORE object| ns_p object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet object| __twttrll object| twttr object| __twttr function| quantserve function| __qc object| ezt object| _qoptions object| Criteo object| __buffer object| google_optimize object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt undefined| google_measure_js_timing function| footballCoPlayerRender undefined| bc function| setImmediate function| clearImmediate object| ID5 number| google_unique_id object| __id5_instances number| lngtdDynInterval object| regeneratorRuntime object| ats object| PublisherCommonId object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

161 Cookies

Domain/Path Name / Value
www.kooora.com/ Name: ASP.NET_SessionId
Value: fw32ez1bcpeb4ukiyvwmz4un
www.kooora.com/ Name: svx1
Value:
www.kooora.com/ Name: kookie
Value: 2947f5d6-f8fd-416f-a328-5ab65493cfe1
www.kooora.com/ Name: kookie2
Value: 2947f5d6-f8fd-416f-a328-5ab65493cfe1
www.kooora.com/ Name: lngtd-sdp
Value: 1
www.kooora.com/ Name: scountry
Value: ca
.kooora.com/ Name: _gid
Value: GA1.2.1007650714.1692283740
.kooora.com/ Name: permutive-id
Value: d913eb4c-45ba-4d64-aee4-1085e6759b84
.scorecardresearch.com/ Name: UID
Value: 14F76700c483e65d5f82c7c1692283740
.f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/ Name: pxid
Value: 91bf8406-54db-478d-9778-ac75c4f366b1
www.kooora.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.kooora.com/ Name: undefined
Value: 22e31d2e-e1a9-4577-8421-0c1a1a3570c7
.kooora.com/ Name: _ga_Q2V3M512SC
Value: GS1.1.1692283740.1.0.1692283740.0.0.0
.kooora.com/ Name: _ga
Value: GA1.1.157664921.1692283740
.kooora.com/ Name: _fbp
Value: fb.1.1692283740932.1288059443
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wOC0xN1QxNDo0OTowMC45NjIxODIyODVaIiwicHVibWF0aWMiOiIyMDIzLTA4LTE3VDE0OjQ5OjAwLjk2MjE3MzYwNloiLCJydWJpY29uIjoiMjAyMy0wOC0xN1QxNDo0OTowMC45NjIxNzc5NDJaIiwieWFob28iOiIyMDIzLTA4LTE3VDE0OjQ5OjAwLjk2MjE4MDU1NFoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiZDY1NzJkZDktMjZhOS00YzgxLTg1Y2QtZTZlOWEyY2U5ZjQ3IiwiZXhwaXJlcyI6IjIwMjMtMTAtMTZUMTQ6NDk6MDAuOTYxMjE5MTI0WiJ9fSwiYmRheSI6IjIwMjMtMDgtMTdUMTQ6NDk6MDAuOTYxMTM1Mzc4WiJ9
.rubiconproject.com/ Name: khaos
Value: LLFA1NIG-Q-D1JW
.kooora.com/ Name: _gat
Value: 1
.quantserve.com/ Name: mc
Value: 64de335d-798c5-848ad-2a4aa
.kooora.com/ Name: __qca
Value: P0-623771001-1692283740798
.amazon-adsystem.com/ Name: ad-id
Value: A7Up80_r1kRFq9V18dUOG3g
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.script.ac/ Name: __cf_bm
Value: 5Xaff9o4UxOngemwftZIIrJxZ.Nw5HMJe1Df.czapXg-1692283741-0-AUIOJyIaSViXgMH9EIJF7TC0dOhS3kjGtCeUZbQMIvAH9t/vKi773a+lo+DRoAff4vekfTjDVxmTGq8+xaqOKuQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUmLhK1f7B2mGSf0-e9qNG2tQdtFghYMun5zJlqKgOt5CWqir095jgZbsj3rvxU
.kooora.com/ Name: __gads
Value: ID=19047f30dffc240c:T=1692283741:RT=1692283741:S=ALNI_MYDNBcSoTkoEMmhYuZw_es0f0gACQ
.kooora.com/ Name: __gpi
Value: UID=00000d8bda3b6a35:T=1692283741:RT=1692283741:S=ALNI_MYYTi9jPKTaGvjsnBc3xGXaHLHWxQ
.smaato.net/ Name: SCM
Value: caa9582fde
.kooora.com/ Name: _awl
Value: 2.1692283741.5-ea80cbf3a06fda9dcfbffc789028aea4-6763652d75732d63656e7472616c31-0
.smaato.net/ Name: SCMaps
Value: caa9582fde
.casalemedia.com/ Name: CMID
Value: ZN4zX8l3BI2lD4f.iBTJdgAA
.casalemedia.com/ Name: CMPS
Value: 1246
.casalemedia.com/ Name: CMPRO
Value: 1246
.adnxs.com/ Name: uuid2
Value: 8694686486495607686
.smartadserver.com/ Name: pid
Value: 8330000753667799435
.adsrvr.org/ Name: TDID
Value: 847b7d9c-55d6-42cc-9691-075eba001ca9
www.kooora.com/ Name: _lr_geo_location
Value: CA
.kooora.com/ Name: _admrla
Value: 2.2-604bc72149bd78d4-33e2098d-3d0b-11ee-90ef-bffc805f7bc5
.adgrx.com/ Name: ADGRX_UID
Value: 3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.lijit.com/ Name: ljt_reader
Value: HKp5jPZH_l8WyPPsTz-RKbqb
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNLM0NrE0NjYx1lEyQuVamKBJm4H5RsZGZpYgviWK%2BloAjOYQOQ%3D%3D
.simpli.fi/ Name: suid
Value: F06F4657B4DC41A98AF08A5C4D894A39
.lijit.com/ Name: _ljtrtb_92
Value: 8694686486495607686
.lijit.com/ Name: _ljtrtb_2
Value: F06F4657B4DC41A98AF08A5C4D894A39
.bidswitch.net/ Name: tuuid
Value: 25eb8aba-fd6b-4643-b4cb-d725fb46b102
.bidswitch.net/ Name: c
Value: 1692283744
.bidswitch.net/ Name: tuuid_lu
Value: 1692283744
.gumgum.com/ Name: vst
Value: u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b
.creativecdn.com/ Name: u
Value: 7DTiB4Hi0bCV8S6dItDd
.creativecdn.com/ Name: ts
Value: 1692283744
.lijit.com/ Name: _ljtrtb_80
Value: LLFA1NIG-Q-D1JW
.lijit.com/ Name: _ljtrtb_84
Value: c:dd9559e307de97e659e30f3d1031aef7
.yahoo.com/ Name: A3
Value: d=AQABBGEz3mQCEASWRRhZWyQMzeUPZZftajUFEgEBAQGE32ToZAAAAAAA_eMAAA&S=AQAAAmICfHMugFs_X1RfnvXjgDQ
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPoJYqtgthv3uQJpdVl+8HYpXTzohfC10Ag9wCX9rMEASnwVee9ghx7lN7z4K5fAX8Ui+YQF72mVaWgAKsdfsmBN3OlDu/ORdD8=
pool.admedo.com/ Name: tuuid
Value: 9f9b89f6-f844-4df7-b6ae-f47ff35a9ce5
pool.admedo.com/ Name: c
Value: 1692283745
pool.admedo.com/ Name: tuuid_lu
Value: 1692283745
.360yield.com/ Name: tuuid
Value: 640ab08d-f0a8-4d4c-a0d5-6e7b56ce551a
.360yield.com/ Name: tuuid_lu
Value: 1692283745
.linkedin.com/ Name: bcookie
Value: "v=2&9b75a15d-8bc1-4c95-83f3-b2230b183b44"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2991:u=1:x=1:i=1692283745:t=1692370145:v=2:sig=AQEuwTp2kE_N70FnkMPtwa0nN-i5ZeXm"
.tremorhub.com/ Name: tvid
Value: e99722df727d4fc59d7903cf2b23295a
.tremorhub.com/ Name: tv_UIDF
Value: CAESEIM1K-DgPfga-2XfSFhIXqo
.tremorhub.com/ Name: tvssa
Value: 1692283746002
www.kooora.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22847b7d9c-55d6-42cc-9691-075eba001ca9%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-17T14%3A49%3A06%22%7D
.33across.com/ Name: check
Value: true
ads.avct.cloud/ Name: uuid
Value: 8a981ae1-e2ed-4cc0-84f3-f492f49cfff1
.id5-sync.com/ Name: callback
Value:
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 48B8FE71-87BF-49C4-B613-4E30BB4CA753
.doubleclick.net/ Name: APC
Value: AfxxVi7UE219TU6w8lbWSSKjsB-BaGYh1c3xu20A4fX7vuuIaDaqGA
.openx.net/ Name: i
Value: 7cbc570f-8912-41a1-b441-743891723c48|1692283747
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?ir+UJu!]tbPl1M>e)ZlrFUfJ+tGXxoPQKLba:Cx!ZSclus:EV`fM*J?nYvq$)8J2UK3If)y3KL9D3I?-!:QnnC
.teads.tv/ Name: tt_viewer
Value: 8d2f7bca-bb29-485f-bcc6-e9790b2be865
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZN4zYwAAADl7zgBV
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adform.net/ Name: C
Value: 1
.adkernel.com/ Name: ADKUID
Value: A3586139029764454556
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: a9d9cdde96840b45e0c437b6a06ce491
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLRMsUxOSUm1NLMwMUgyMU01SDYxNk8ySzQwS041sTRkAIKUe8bJIBoKAGSACvE%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIuWecDKSgAAAXdQHZ"
.adform.net/ Name: uid
Value: 3900458072299293864
.kooora.com/ Name: panoramaId_expiry
Value: 1692370147526
.kooora.com/ Name: _cc_id
Value: a9d9cdde96840b45e0c437b6a06ce491
.outbrain.com/ Name: obuid
Value: eded5ae9-2b3e-4d92-bb80-ef484febf565
.zemanta.com/ Name: zuid
Value: xrm0xwXnk1uMja9XyzMN
.go.sonobi.com/ Name: __uis
Value: 2b06780c-1301-4f94-a05e-62f8319ca4e8
.go.sonobi.com/ Name: HAPLB8G
Value: s86204|ZN4zZ
.bluekai.com/ Name: bku
Value: ikG99sxplZuOHk6t
.yieldmo.com/ Name: yieldmo_id
Value: 3mMLUppjjLp8WchmtRW2%7C1692230400000%7C0
.semasio.net/ Name: SEUNCY
Value: BF150BEED929E14
.contextweb.com/ Name: V
Value: A4xpGIB3vnmN
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: be15783f93e28e2f
.mathtag.com/ Name: uuid
Value: 9d3664de-3365-4600-8ec4-eb3d8ed9252e
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ea67a503-396b-4983-9213-9a281b2e891f-005%22%7D
.adx.opera.com/ Name: UID
Value: OPU7e63d4cd251d4d249033d87836485c8d
.tapad.com/ Name: TapAd_TS
Value: 1692283749447
.tapad.com/ Name: TapAd_DID
Value: 9a5d171d-aafb-4508-b46b-f03ccade1bf4
.id5-sync.com/ Name: 3pi
Value: 112#1692283748718#2035103058#BF150BEED929E14|434#1692283748115#-1883024899|2#1692283749257#589348912#8694686486495607686|3#1692283749050#627367864#9d3664de-3365-4600-8ec4-eb3d8ed9252e|264#1692283747352#1697056405#847b7d9c-55d6-42cc-9691-075eba001ca9|441#1692283746878#-1867454905#u_f37ef7a9-4fed-4264-98fd-62b2817e8a3b|108#1692283749588#1128348887|429#1692283747129#611861793#48B8FE71-87BF-49C4-B613-4E30BB4CA753
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5510
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGWqrJuDMu4RWOxwWwbAwbA&KRTB&23025-CAESEGWqrJuDMu4RWOxwWwbAwbA&KRTB&23386-CAESEGWqrJuDMu4RWOxwWwbAwbA
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:F06F4657B4DC41A98AF08A5C4D894A39&KRTB&23489-uid:F06F4657B4DC41A98AF08A5C4D894A39
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AACSYE7JvGcAACSJx0ka_g
.turn.com/ Name: uid
Value: 9147173338477009151
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230817144910+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uid
Value: 5F59504996924B16A617F7F0FD30CB04
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-847b7d9c-55d6-42cc-9691-075eba001ca9&KRTB&22918-847b7d9c-55d6-42cc-9691-075eba001ca9&KRTB&23031-847b7d9c-55d6-42cc-9691-075eba001ca9
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8694686486495607686&KRTB&23339-8694686486495607686
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9147173338477009151&KRTB&23150-9147173338477009151
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mc9|2N.0.AAAB5r9OBbWjzQMo-_DaAAAAAAA|4is.0.CAESEKvvhD9yHZpK-0dDsWuDWeI|7bq.0.1|7dN.0.AACSYE7JvGcAACSJx0ka_g
.smartadserver.com/ Name: csync
Value: 127:AACSYE7JvGcAACSJx0ka_g
.id5-sync.com/ Name: id5
Value: e6d8ca39-0946-7685-ac3b-16bbfbacab6b#1692283746596#3
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACSYE7JvGcAACSJx0ka_g
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2dee
.3lift.com/ Name: tluid
Value: 760996673845262888508
.sportradarserving.com/ Name: zuuid
Value: c9420533-3b59-40f6-b4a8-ccf8a952b639
.sportradarserving.com/ Name: c
Value: 1692283750
.sportradarserving.com/ Name: zuuid_lu
Value: 1692283750
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1692283750
.pubmatic.com/ Name: SPugT
Value: 1692283751
.socdm.com/ Name: SOC
Value: ZN4zZ8Co8YAAAGxBvH4AAAAA
.resetdigital.co/ Name: ckbk
Value: 0000010A798DB20C
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.quantserve.com/ Name: d
Value: ELQBCwHdKfijAA
.lijit.com/ Name: ljtrtb
Value: eJwdi80KwjAQhN9lzxZ2zWZ%2FelsbIkoRPHkWk75E8d1NhTl8zMy3wxlmqCiVJeuFy8IUblHRIi9czDmSwwkMx29da9Djdp2eU6H7a9R%2B6CbOYsIjngV18GHwmD5za56z94TaumuXP2%2BpESZ6903h%2BwOlfB6m
.lijit.com/ Name: _ljtrtb_26
Value: 25eb8aba-fd6b-4643-b4cb-d725fb46b102
.dotomi.com/ Name: DotomiTest
Value: 8e4407dc537050b
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-3587bb3e-3d0d-11ee-8b39-a76b6e9388c8&KRTB&23275-3587bb3e-3d0d-11ee-8b39-a76b6e9388c8
.pubmatic.com/ Name: PugT
Value: 1692283752
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD&KRTB&19420-9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD&KRTB&22979-9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD&KRTB&23403-9BqmuvEd97vvGfvnoRvv5_YWo7vvHKPro09crIiD
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 160521:4
.pubmatic.com/ Name: DPSync3
Value: 1693440000%3A261_258_245_201_263_256_260_236_259_262%7C1692835200%3A252_265_253%7C1692316800%3A255_248%7C1693267200%3A257
.pubmatic.com/ Name: SyncRTB3
Value: 1693440000%3A176_165_240_234_264_99_21_250_13_220_22_55_214_96_239_46_54_249_204_5_104_178_3_231_166_71_233_48_8_56%7C1693526400%3A35%7C1692835200%3A15_2_223%7C1694822400%3A224%7C1693094400%3A63
.deepintent.com/ Name: CDIUSER
Value: di_c7e087fc87e64697b5919
.mxptint.net/ Name: mxpim
Value: R35CA9_1078E4722_1D55926A.1.64DE33600000000064DE3368
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAByq5L7778LwNA_Lk1AAAAAAA&KRTB&22713-AAAByq5L7778LwNA_Lk1AAAAAAA&KRTB&22715-AAAByq5L7778LwNA_Lk1AAAAAAA
.bfmio.com/ Name: __187_cid
Value: 48B8FE71-87BF-49C4-B613-4E30BB4CA753
.bfmio.com/ Name: __io_cid
Value: e8bec9fab5a6277e0a423153932f31f9b78db480
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA9_1078E4722_1D55926A&KRTB&23092-R35CA9_1078E4722_1D55926A
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3900458072299293864&KRTB&23263-3900458072299293864&KRTB&23481-3900458072299293864
.thrtle.com/ Name: mc
Value: eyJpZCI6IjdmYTY5YzE4LTdhODYtNGU5OS1hNDFjLTM4NmNlNWFiNjcxOSIsImwiOjE2OTIyODM3NTI4NTEsInQiOjF9
.ctnsnet.com/ Name: cid
Value: b10ce1869d5a4ec1bf94cebb4944b725
.ipredictive.com/ Name: cu
Value: 29b525d6-da02-4f20-a36a-8e59bebcbb13|1692283752863
.aralego.com/ Name: sspid
Value: eef860ad-3fd7-3b57-ad0e-cf11e4069552
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-29b525d6-da02-4f20-a36a-8e59bebcbb13&KRTB&23011-29b525d6-da02-4f20-a36a-8e59bebcbb13&KRTB&23355-29b525d6-da02-4f20-a36a-8e59bebcbb13
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ea67a503-396b-4983-9213-9a281b2e891f-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-48B8FE71-87BF-49C4-B613-4E30BB4CA753&KRTB&23413-48B8FE71-87BF-49C4-B613-4E30BB4CA753&KRTB&23479-48B8FE71-87BF-49C4-B613-4E30BB4CA753&KRTB&23505-48B8FE71-87BF-49C4-B613-4E30BB4CA753
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI9sm0neTOjzwQBRIVCgZnb29nbGUSCwiCzbap5M6PPBAFEhYKB3J1Ymljb24SCwiUr66u5M6PPBAFEhcKCHB1Ym1hdGljEgsI4P6N2uTOjzwQBRIUCgV0YXBhZBILCMDp19rkzo88EAUYASABKAIyCwi-iK-l-86PPBAFOAFaB253dXNsdW1gAg..
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-ea67a503-396b-4983-9213-9a281b2e891f-005&KRTB&17107-RX-ea67a503-396b-4983-9213-9a281b2e891f-005
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_3b1b2d10-3d0d-11ee-ae43-1202f1c33782
.kargo.com/ Name: ktcid
Value: a919d412-81f6-0f34-5444-8940016e6aa6

6 Console Messages

Source Level URL
Text
other warning URL: https://www.kooora.com/(Line 5)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://gaae.hit.gemius.pl/xgemius.js
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 89)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2048B8FE71-87BF-49C4-B613-4E30BB4CA753&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

36b26107b766bded3c55c2c941b4a3a0.safeframe.googlesyndication.com
4929e1cd173937799a59d89292478d06.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ae-gmtdmp.mookie1.com
aep.mxptint.net
amazon-tam-match.dotomi.com
aorta.clickagy.com
ap.lijit.com
api.btloader.com
api.permutive.com
ats.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
btloader.com
c.amazon-adsystem.com
c.aps.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cadmus.script.ac
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.fcp.codes
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
conf.lngtd.com
connect.facebook.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co
fastlane.rubiconproject.com
fcp-api.footballco.cloud
fonts.googleapis.com
gaae.hit.gemius.pl
geo.privacymanager.io
gocm.c.appier.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlesync.permutive.com
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.kooora.com
io.narrative.io
ipac.ctnsnet.com
it.lngtd.com
js-sec.indexww.com
ktv.kooora.ws
lb.eu-1-id5-sync.com
lexicon.33across.com
lngtd.com
longitudeads-com.videoplayerhub.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
mp.4dex.io
mweb.ck.inmobi.com
o.kooora.com
odr.mookie1.com
p.lngtdv.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
players.brightcove.net
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
protected-by.clarium.io
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
roseincome.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spadsync.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssp.api.tappx.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync2.resetdigital.co
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
t.adx.opera.com
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.kooora.com
x.bidswitch.net
z.moatads.com
a.tribalfusion.com
ads.playground.xyz
amazon-tam-match.dotomi.com
bpi.rtactivate.com
cs-server-s2s.yellowblue.io
fonts.googleapis.com
gaae.hit.gemius.pl
gocm.c.appier.net
gum.criteo.com
i.liadm.com
id5-sync.com
idsync.rlcdn.com
io.narrative.io
match.sharethrough.com
mweb.ck.inmobi.com
pagead2.googlesyndication.com
players.brightcove.net
script.4dex.io
securepubads.g.doubleclick.net
ssp.api.tappx.com
sync.crwdcntrl.net
u.openx.net
www.kooora.com
104.16.57.101
104.17.25.14
104.18.11.47
104.18.2.114
104.18.22.145
104.18.23.251
104.18.24.185
104.18.25.185
104.18.4.165
104.18.8.101
104.19.149.54
104.22.52.86
104.244.42.72
104.26.2.70
104.26.6.139
104.26.8.50
104.36.115.111
104.36.115.113
107.20.73.155
108.139.47.33
108.156.180.227
124.146.215.45
13.107.42.14
130.211.23.194
141.148.8.2
142.250.64.72
142.250.65.198
142.250.65.225
142.250.72.98
142.251.41.6
151.101.1.108
151.101.130.49
151.101.65.229
156.146.36.24
162.19.138.120
162.210.196.208
162.248.18.34
162.248.18.37
165.254.203.172
169.197.150.8
172.217.13.100
172.217.13.162
172.217.13.163
172.217.13.174
172.217.13.193
172.217.13.194
172.217.13.97
172.217.13.98
172.253.63.155
172.67.75.241
173.231.178.77
174.137.133.49
18.164.124.111
18.205.99.4
18.207.85.110
18.238.25.42
18.238.4.65
18.238.8.230
184.50.205.247
185.167.164.39
185.184.8.90
192.184.68.215
192.229.163.25
192.40.39.223
193.122.128.135
198.148.27.131
199.127.204.147
199.38.167.131
20.127.253.7
207.198.113.87
216.200.232.253
216.239.34.21
23.105.12.171
23.105.12.173
23.196.184.208
23.200.197.46
23.33.40.208
23.4.226.82
23.41.169.149
23.53.174.85
3.11.50.69
3.160.5.11
3.160.5.39
3.160.5.85
3.160.5.98
3.211.37.116
3.213.30.187
3.214.238.123
3.225.160.247
3.230.217.116
3.234.113.180
3.33.220.150
31.13.71.36
31.13.71.7
34.102.163.6
34.107.254.252
34.110.181.170
34.111.113.62
34.160.111.29
34.200.65.202
34.201.190.211
34.206.18.162
34.98.64.218
35.186.193.173
35.190.90.30
35.194.66.159
35.210.53.219
35.211.124.105
35.211.178.172
35.211.233.246
35.214.143.138
35.241.9.51
35.244.193.51
35.71.139.29
38.98.139.150
38.98.69.175
40.76.134.238
44.207.104.173
50.116.194.21
50.57.31.206
51.222.105.60
52.20.44.137
52.205.57.26
52.207.45.55
52.210.102.189
52.45.151.151
52.45.175.185
52.46.128.147
52.5.86.220
52.7.24.177
54.146.222.254
54.158.193.202
54.204.52.200
54.88.169.209
63.251.86.49
63.251.86.51
64.202.112.159
64.202.112.63
67.220.228.201
68.67.160.186
69.166.1.35
69.90.254.78
74.119.119.129
74.119.119.131
74.119.119.150
8.18.45.41
8.28.7.83
8.43.72.41
8.43.72.97
8.43.72.98
80.77.87.166
82.145.213.8
96.17.65.140
0382f1f366efbaf6e18e2e62662a0224533fa6ae97863bc790b75ef32c898e38
0387ea6b20d603156158d46cdf51eccaa0acd032952b21882be94d65af124115
03d36f8b41f20219fb222c0250db69532a702571a63fedf8df1e808e7d1fe0f2
0498c6013137a461c0fad55fba7437d3393078d07f551f1d58dde875c65ada24
04b336e0ca2d8a39f204f683953291cef8a696f0d0a5b6eb56289f9ea4f29603
05c921ba6dfc4db4831582a4ad6b9fbbe85a17d7b47fab7ba37f8f1f2838830c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0703cc4545fac83194e11d16a1bb31b2baf36af44c7934d0f3a10d1725119c31
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de69df19c3376cccd974c9edda9cb3c3dbf935f0162a15ed1cb883b461ebe58
0ff717c5bf6d5b9ea3545c92ee1804d80eaf19c377f21f5ca55a9f7ca2bb60c3
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1634af52891cf2cb3f5427af828af3bffc79d29607d4b2bc0ef8f750bd6c10f3
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1689a4ad9864da0946649d3f295a30b78d01dbfb2e9900b660882d5d3995298c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1899a7b496387d4935d7742b1f2f14d9f5d71bd83f58f512d5b0a039eda030ec
1900c0a2e68c2af6b11c45334ea4315ee78efd906aa33d67b890ea108912c3dc
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
195dbefc2d69570380eaa910f894c45a32c267d4612e6e539463d28ae875ca0a
199104ac0bbf4e7323a9d28a15970affa824b6837c8c263a47c8ee123c782bc7
1c45c2e297a7640f327df2840be1493e87327c70b5044d59c1e72d27a91606ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2084a408aee60307cfd795a3eec3c32e68920dd0455e2da7cf4fbc9477896228
20cf0586f837d1a2b4dea3b96722ed042096afcbc82de8c63acd3224a1e9f5b3
218beee6ace97fe31856f3d4782c23b31880a8bb38b4e205bad87bb1c4a70860
2298dd946d27de7d6853ec23e68b0772f6cf407e977bb3fd1e6abf97c75852af
23d8244b38a93e5ea52302f08a414a58432623738ef4c423d76d9a0408386f64
24507d561f29021a7c493bfe6440af03487e2c394e89674a9fa6f944ecdf5f21
24a63e68ee71cc18a1881114eba33be36f068d200b530f03fa7eadca882c62db
24f6cc97f74939720de02adcb49ffd9a04189c5b547e775b7308cf2ed21f4288
255a2b3179669a9c85193653e69c78154b486da341891e01125a68c1cbb03348
25a7efdd88fb12c342f6f65d0b981471131974ffcea292d4b3e247013f1f6a32
269d71007931b5e0f88629938943f4d936455963c75aca95ccc8bf0212aff52b
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2b6d4d5d1f8e53b2c01974480409d60f1044b01a01f5d7e52ef1de31233dd90c
2c14365744193db71ba549eecfeffc294cf641b47abd9ccb11d1700ef824be1c
2c8fa0569d13f919ba1cf92680fe0249338747fb4994bbed7181b9bcc6b61702
2da2f21f51f34d780256626fd1b70601aa08e07cb6ff82c2a2d06617e50a2705
2dae4ef0191b2cb2bcaf25e7e6e2e7379b8ca950d14f1e421bb4d3b48333d74a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea7b825ce69a84589a7985fa53583fa1d15f0c18eb692788c1b8e045e0e6469
2ed5d5dc3fdedd0964130484e9857e1c17e80e97492cda8aa9a2a4d1a70c1ce3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3125379545cb52e31916686d279a798c62a79717f8d3a462fee2fe1f7b345198
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
3395d844acd8ef620a740cadebabf53de365a0e25aad01ef2b9966f4d099db58
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34d1d11a74873097624404cf64022ffcb92322eea98e9a96124f450cd402180e
36ed217ae5545d49d8aa78c1b0cdadb7ba83caf019f4550222bf13f5d475ffa8
3837f1faaca0e78be81c2a2946152fbcfaf5fa126aa3d50dba51833d8764e2f5
38ca0a41b42d248048fa00ddc156486b2e9b8ff3a140461d62c19c37a0a838ac
391dddacbcfc534c5ee92050161cca7adffa50a4a27adf94abd3cfb4884c51ca
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39c30816a09db9640de815aff15a3862571b139f097858b4d4a99ab93860bff9
3af5eb0a2aff5a7cc166af77088a4c1288bfbb3f9a1d8ac7e384c95768b98c3c
3c62ffb891f279e0bcc09f29aa6d17275f97f491ab8b94140bc8c78e4061061f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4011d1cca56b8e58a333c4c4e05bf7d14978c0abb3da7a3a8761e6bdf56628fe
41d0b43097d2e91cdd15c337dee519cd5076233fde28994d53e2d27171bbfd1c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42cc58d347935bf8465a7d64fd8c25400b4199cf6c9331efbf850c21a0a895eb
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a7b42d08cf6b05d2cf15801f2f4705efe96b5f71f8cc3c63bc78b8f2ac04ed
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
459b6cbe53e7b1587f39470f544d76b1a08cf3a271b71a960f54f8c0c9b98b84
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ba7e111914cd75287c93e072b6354cf34f5e0d0d0809b510aba75699cbc708
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49bad7103c94bb5778929dfb5c12ab2cf31d169e37dc97562491d1de96b52a35
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4bd6ad3bfb279b72b49ec2e10cad1470e1535b22479dd63c33544c43313d5020
4d21e93f075c262d3f03a171a571f8fdf14ac5b95f7f6d3e805976d06795a4cd
4d660d7b4bd200fd543c4819f54719a7eeb2ad327975910bca20e5a78ca5a2d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0eb13f2294548483e6db67f893ab629514d33b9426432da94004f0e319468a
4f751763bb6d0a18eab92ef9c19732211470b950f35c867e97f4e1e772fabfaf
4ff1a4fe45ba132fcadbd101aee08f6907fead47bc9f72ff72eba286599a08ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53ae1c69ff2011837d0aeda6a2393bcbb682601f32f17e72b9824cb53fb6491f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55adf972ae894b7664aaa4cfad8cb1f591cfc9d875a6a9ad366479d12097e93c
560b034f57d218c339e87f189507520b350ee0cadc412fe2ceb36ec7c32a1031
566ae979cccb2f7f10e77057cc66ed2ba8b45f812211174c4bfcde2bcea50966
58044c1a27123a153fa1dba2b275c3fe7d54910dba92829c77f96070a481f715
583c62c4e65663d4664b3c51da96ee4f204b51f892b1266e8c2bb69f8437e720
599c91dab76b3508b5d6cdc6fbb71a1e123d10f8ce7d385ae47b3f0c2bc81522
5b74a05f829160ff34d7bb8530e9a07669134357b6114cdb408977902130b3fe
5c96e566bf246c4e23778b1618021b7a24dd1107fa93779df21ac41504d6910f
5f7f7afdfbbf8d9348ca6edf069ba4a747a33a2c13eb27df9f9d0cfa3c3ab88c
6024ad1a5e0ad8fef401194a4b863f1c173f7da24f93485bd3a8e23e898fb824
6118597847167dfd90f03ce02ec59e8f0247287b863caeff182b3b6cfceb1eb3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6398f2d93e914fddd56f93b3369915d696a8e3d4c89aecd1f342988f984d6d51
644df5c481db69370711a735e45dd9fac91e83ded8a885841b1e610e7d3f24d9
65953a5e75860eab32e10e5525a95f5fcd624b1e20f5b57956b00966619d3660
679dc2efc8cd7cdac066ac36fdbdbd59206d5890391e1f8d182cd07142cee4f8
682aadade7d52d94f7c2f6bd5038085bfcd36cc8c9697c157d7aa92e1f019d37
692704a621ff1feb0954be8fc268f40359a90519d7795dece220c29aae41a071
6936ea19849e01173fad2dce719bf902cd609ea52610e2a14ede6496082cb4a6
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
699cf7a35cee825c50bcca1df27f97d84fea287c927297d9a11f6384d2eb9eed
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba2413acd502e6d0f8d42330fed8affcc9fcc32d947c9b06208f303d6419f4d
6bee8a92697b6c2d57ad32724d8e64fd2e6e17e3a423710c0b2a099ab7d985e1
6e7d368e372bf829321cbf24654ad15d9165e5b05b1fe245c68102cf68b52583
73d84a380010925b59a7b70669f06daa034e4a3bf9a21edaadc6725d9bfe5d2e
73ef45eb43ca353ddd90aaf3d3a7e7e25d480c47c5eb5888be4adb39bf4c03dd
74694df397a6bf27ab13b130fef7748305116fa05960a7a9f1507dd8fe9c46c1
74aefc384f7f0ca2e9891a439f1c63f4a217848904af23e7623f4245f64ff7c9
74bdf5ec34cadc0bd43030b5e8ff99134c4548f063565ed5cddaa009aedbb656
74ebe79b169c396871565d4737d1ca8827be84bda482995fd36b9bcb4394179f
7527a0e40c25a9ba48530c7e277c54ef29a6297d0190fb1a66a69d9c9e4e6dec
753e5c5127eb4dc9ee1bbafa09a29db5d41480105d3351b60438b4c5a308ac03
75f4ffa37f1248e72a8a1694f0ddda6a01e8a9de7762db4e5e45839577f898a1
7813e41939ba82b321af54390f175b3e34c5042642d126c450c358e61050f049
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7d98c7c4d9cad234790ed1ebdd0d1f1b405fa3908db0ae007d39f87ab065e504
7f460a54adf8bc1f683efddaaecc39e6597ffb3f7543bcbfc8f64f04574f8b42
8033130618036a0bca81727ac74ec14ffe1872e0b3ed17206473f5489b8e0ab4
8117a8bfa8e3a0ee9243c9de2019a7b2b8aa42f026bc944b1d32b073fb25ad02
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
877351236b1f2ac8d0a548ccff57d558bd71b9e551b74bcd6eeadeb4a301a0a7
878212a585911ada9a6eba449fb3333582d083a246cd0eed9f84ea4e6f293a9c
88072e690c49cec375d277814633f1a48ab8d705634279e06cdf957cc731c6f1
88abf3ce1d1117bee245c6698532df3b4cc81dc6ecf78c50f71469c1785f04b7
8929f8dd8d5f2cd5e2c11219f75e4bbd852f041a44f7372c3d68bc650452e57a
894b713e7a1cf5b2c8276d264e241a9e55e291dc6f5d6eb3c850eb551a575bd9
8b2d294d358e8c61554376dc0f96563380187cf9a6ace3de238624b99ba2ab17
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbc22ac0742e93135812f6f14725658ac038f2d4783d374efb308e457786bf5
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8f70235177dc9754c007d4a54dbf6e9fb5efcba673705d95aadb46d3ac286b19
91979a49f4bf0e057ca82e49aeac4e8d3e742dd2f605c968a0a7be89f7aab682
924916d8ff5522aba66bf00152f1b3d9c0f6d40eeef72a4d127fee9d20e4fde4
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94c9982c1d90a77ca62b84a0f734b9b9cbb8fa71815afe640ec12bacc9a77826
95144980d4b3076ad1943c8dbf42c3b90fedde6a10a2d94f3863713f4b31abb6
9536b903487cfcbd868844165c6283907a2c9dc59079cbb2d9fd16df8d83573c
959c60ac8e864e0ef78f716ef18bf9dc455d5fe616b3e47dd151abf5ba99ce9c
960d6b2a955f35475f2997a46ff2165b3348f60594c5b81d6acfb6382bbb489f
97214a8e0633cad3a16d3980417c251b252b9f63793fa1656e14bc7c30b218fb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b52fae74fa35cc27a0acf9a38ac2b80cfc32556831789137ccaca20736dfe9a
9c61c48992364c24bde80e068c4fb4abfb05ff8243cb0110502ab8ead4755233
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
9db621dc2056467e97edddb76820644deb47c3afca1eb7a09db2157e6a310fd9
9e145d8c98ae544d9f5e3aa54990795c88cbb01f0b8026d6b20203be3a6a0002
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a29534efb33ef6d5114d37c47cdf1a2e164dc7b8903a5dfed315f87f2d974d87
a3469cc8aeae322d73539d67f6875b8ca89ace6e86634acb40f08c6af20119c9
a458c0ada079c70a08291c9cb9682476fedca623d086789f703ee614182097bb
a486131426ebced1501ac2209bb585ca4a75bd43e1de577abbf213441659cede
a4d631e4f03d785a1e935cd31962cd80b394524cc7c3720cf0d43e3f9fbcbd03
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a7cb19060141c7c2dec6266009a79cf953de799b6c4c8b317aec0db08ac0bac6
a874895329a5818037246e8ab0e7e373bdfeda3b35a953f6157767a12cd17093
aaee6a5b79cb0f31008080c26f2ffe014bb0456138f7187cab3eed8361abb135
ac15d285f8a25e4ac97d61cd24be6a063dd44459d09c7856410a9adfbde77184
ac363bd4b019404828a5dda10394e09b81d81751d345ed20d92325bd05d2cf2e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad62175d8e3aa669b02496a9c7a829f3c924e5687c7c4962e173e287924ec94e
ad885afa26d8fa3ba3bac0bc70f6c8ece88b7f73293b38b9e26a5379a51b8209
ae0e057cbbdb9228ff2b0edf6f630ba7400626a488aee2c6ef54c1e22384819a
af1b984b0e7f4f0a21b042b96c60f9bc8a4a9b6d5e7242c966a676fbf63b16c8
b0f5cbceaebb5151025acb929052d8514ec902d485ec38bd9ba963e9713399f4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17917c9805c64cabba12c84121cfc59b8c28c9a9594efa979c3e18a7b1e3cf5
b1df10b45bf278e34f530ae2acc8ea03f5d888b75579421d19656ba7ef7a755b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b459092a28043cab6e5d0d19e063658c8ece00a70564043569f9a5ae73349cbc
b49e0b22df428d572f37cc586c66682ff5dff1b038a49c4e556f660c38a24041
b55bc0dd548369b55806c374e7837f61c0b6d0c4f4df9aa99369239b06a84137
b68d489b23f997bb7149ebedd970825581bed954ab2e902eeade00b4c651736e
b6bdd917a692c1f858bedc2f1eef23f5fbeeab63e5d6c1fd4aec4e39b6aea3b5
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7ddf5460c497d2e6e4493a396d369647901d15888348e66673e293cff4439f1
b7f807205142bbe9c42e24df2a3bcdaf29b0027d7a21b7fa9fe816c39d6dc3db
b894ecedeed7425bcca0f14e3e18cc20f0e0bed1ef36b4699c6018a77a21540a
b8b2dee5b1bc15ab229951b9fe6d23214c0cc6031e70c9a5e17abf9c9f7fb081
b9f1f334eb1e6c08aac717173cbf89930c1166459e7b82fabb07c0fdca2442eb
ba6ea77a207ef95520f3f1e20876ae516b04325660bb4ec1b45a79445a9a6bd1
ba786e351399f5c4b307d54d945242ced7e48707f52400f8f7ece6661b433599
bab9c4570132cb268d3a682bd3c1347f1541e0c2c7b11143b29931b031871eef
baf534ce6c637a036328320f63530323cda04575df5320a2ea008790194efb85
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54d8b1ab6563280534c92b06073f1c7794ebf72e4b5f87dadae3c96f28c77e
bb8c8a58fce0d02869d82360aa6f08625a262bb28c8b0273fa43388eadb8e75f
bbdd4d36da7aa04541ebbdfe2e46218731068fe5710610876cecf87f4fbfca74
bd22bfbffa133f578c671f1c8b09f562642c18d683c2d808449e3d39ed760630
bd67b5a29762a0d23c1cbeb00437b98be0a1639d95004714d4819be1ab6c7bdb
bdf6271d34a5efc5e5160859c18bc9e212db482537ed07c99646ece55733060c
c031f2b0c1259ff4d30c233c8fa3c688714db6f7d5028a1721280638ecc8eb29
c21d1138a06d7535d2ddcbc0a4ee9f969eb767d1588add08f9c1959d9437bdb0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c35c80c916b3ffe07b752fbc917a02e76188e1536020b4bc07c30cee971240d0
c38789cc6e1e9944042b6b8f9733268a19271113edc9a54bbf9ca39348989062
c47ea17bb6135de74405fcc9516a888c5a0b45c33166bae448a64e5072c0f562
c47ea55db88336e0161ac540ad884cd93341a68754490469a47b5710016ce14d
c51df680ed83279ebf44fb0d67cdb76a2fd18be3e56bb7d773a3ef55f61427cf
c6683a93750ac98079894bf5e388a2bd5dd0233ed6a8a3b9bbcbf646182d33de
c670082b5f5dbe0bb45b5a1ec886bb3665770d11032ca0c274156c11abc3e7ec
c67e65fac427ec2291154e20834508b42da08c513b8853a546249ebe37ffb6e2
c6cf457ec76b0dac33403f4fccddadbadae0623749919ebb20a9e9b787da7ab6
c76c0d7bffa3322d701e53e12b7041017a5f3d98cbc58950474e069159b61c80
c80bd62900c03bc5aa7793943e3f735816338f6012153ff91caf32c78233e491
c88436a98cb29f7c462815192d5b8b6f03c02d750f6f92cde755296ef4d34af7
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca15c10d1dcd0eb0d241f1ea17f5391c7c0a14228f28557a10456afe69b7e260
cba2c002ff5e4c686aa42f2c207ec28b9b4f0398bc24f493070b313498df87c2
cbfc5b597e2c8aa506247e588d4f0aabca9ae3bdbbecccd00a1e49cef86df8e3
cd7cf9d4975e46d4ea45d9946c5db4fe0ce340742c6a90bdd581b5e666f41207
cdc218d058fa28839c8b6cd0f672b91a27353a268120a3b5b2c8ceffb6043697
cde6ac2dd164bbac541b2810b5f0d57323476cd2e16663e60d3d7475024e5b5f
ce6213257f3101867fffce20065914eaf6e754325cc281880e35b54da50004a5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6cf3591409e6fa7c59f75147ac9822d46e6ab3ac20b59d136e017762cc505f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d078baaab13a22fb916997d262db5d0e4d9f6a2334ec28e6489763af6c96fa75
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d17ccefe4f8f44c3aff6a95fad87bededaaf6a57fd4afaf062bc2d2c010310a6
d22c3d0a5bdd32c0b05ab3f6fd442c74d37042253e0ba76418cb4b8a5a777bfc
d37aee913986bb6f09e3356e1bcc0e820ed137ff25bdf0e6b602a40e0672cbc3
d3998bebacda90512287b2d33014765af10be08a50ebefd87903c6c8a020efc4
d3e75692cc89f4ee07cacd11bbbc63036118a399d58c36b4b2171bd68158b529
d4d58e9682386fdfde490b7752064a185c7714adc1dbdcc3961c25911c1cd500
d5776b9cf791151a2e89bae2e3f299f0c448f742bad1652d358af6e79fe7eee0
d58c6923ff2fc30be6c53f9bb70ade9119c70fc894a9ae2dd04326be33969217
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d86ac0dc015d472382f5dc97c9ce7637b3b2957a58c22713f3dfd79ab60e60f9
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d90089c8fc8f0daacb8b0a1e616b8f546eac289f26bd63a59eec8e554a9427a8
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc2e6ce019b19fe24e71cda095021ad782b90dfbaefb9aa6c2c5aa972b02b393
dd592488b29a94b35d723d53bd0e8a9800a5c8703429fcf0eda57dfd6adc992a
de0e5de5fa5685d991a17b34dc53a96b74946e98f3ede26fda758ac5ff7e0c18
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
defda983025f649ac01c60000be48a1e9f182aeabbbbba40dfde5b613c992c79
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e0f422c803b45a3692f9c7c1c6ca2782f66ea2d0ead09010289d4f295df44155
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4918ba21a35f9c5e2a72693273900cdd74835af7df83fb9e32b7e68c4f5448a
e5c6157324ef5ee70300289ea0906a92c2672bbbf6548669f16e2ed441d55f95
e6132743b7cd093506904400a829a15de0d6820432c24d2532d5da68afde66e8
e6ea4b5a27a0db51da6cc114510bd02fc57edd7f0a6533adf6263507d48fd9f0
e81b46f123d2e1842125d7d419e46d82ea3a30bb6db5b832532139708f45a876
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
e9431d9a9ebadd267267be72bcabc21039fb8865649de19a4613944529628741
e95168dccc8edd7ab145eb4b964725a594edf74155ec7cb6c0497568be5bf3cb
e9db45058be1372929cdbec61e407319afe334c86bb673d76c13a497c5bf7d42
e9ef5925ffe2a1de47d6a9d3d98f34a0e2d8c774382775275e999c1f50bcf2b9
eb030e7ebc773fd11b72e8b2c0ce7b0dac04230b6c9d22831d70524f48501f99
eb7f13b2885074844ec889a467a7512dd7b8a60254addd6c09b9e180ccd96991
ebf21728d91ec94ee6b9480c88f4548376d21a7ca1150e30da263ac2b0996a4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6
f1a5d69c6138eb11095bb87211c61a6bc6c722c9dfbfad94f9b55ad2e3d1e294
f332c37a7098bab5fbf85983f7b75f3b2c68c502e09c580e6cda5dc988936c15
f4642e729ba10cd03cedcec9abfcb8b59ee68933207970e77143d9c3d0e2b815
f55b0a1f0ac73e4662c2ae334854e079c0117aa19c1ce72cd66af7b8d6114f46
f6393ae2a254a4b88b33c0abf43c96b929b9225cd5cf8deb1f716074b8a0409f
f93b9f2108b7c08ea2ef4a12bb789c8482a986aced259d46e5e3508134d346e6
fe247ede4c69957697a5e04b66fae6c33cd5038264d780e7c19fd13cfba05ecf
fe2ee2b4f10d657b22c84bc4422f88b3dcce7de07a88aa80cc3cffed4d8e94ed
fed8ec58ee078cf1b2f6ce4ba192991ce05d26a1d9fecf306ca9042bb32d6d7d
feef3f93bc5c39762b41a841a785dfecf36d7337d5769b4d96cfb7565096ed1c
ffac7ebdc410a95636577bf7dc7e0863690454098fef4ad62f90acb8cba3c234