go4kora.com Open in urlscan Pro
2606:4700:3033::6815:125b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go4kora.com/
Effective URL:
https://go4kora.com/
Submission: On August 09 via manual (August 9th 2022, 5:36:49 pm UTC) from QA — Scanned from DE

Summary HTTP 319 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 33 domains to perform 319 HTTP transactions. The main IP is 2606:4700:3033::6815:125b, located in United States and belongs to CLOUDFLARENET, US. The main domain is go4kora.com.
TLS certificate: Issued by E1 on July 11th 2022. Valid for: 3 months.

This is the only time go4kora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	2606:4700:303... 2606:4700:3033::6815:125b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
11	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
25	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
7	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
3	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
3	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
1 2	52.95.126.138 52.95.126.138	16509 (AMAZON-02) (AMAZON-02)
1	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:f70... 2a02:26f0:f700:2a3::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3 11	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
8	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
3	64.233.167.155 64.233.167.155	15169 (GOOGLE) (GOOGLE)
3	159.89.0.197 159.89.0.197	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	213.254.244.26 213.254.244.26	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3	184.51.8.61 184.51.8.61	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
2 2	162.19.80.92 162.19.80.92	16276 (OVH) (OVH)
2 2	3.125.77.13 3.125.77.13	16509 (AMAZON-02) (AMAZON-02)
1 1	3.228.99.19 3.228.99.19	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	2600:9000:206... 2600:9000:206e:c200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.74.12.230 54.74.12.230	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1 2	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
2	35.176.214.99 35.176.214.99	16509 (AMAZON-02) (AMAZON-02)
4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	52.49.231.213 52.49.231.213	16509 (AMAZON-02) (AMAZON-02)
1	34.253.123.4 34.253.123.4	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
319	49

42 2606:4700:3033::6815:125b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go4kora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.126.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f700:2a3::4469 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.89.0.197 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

vast.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.254.244.26 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-video-eu.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.51.8.61 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-61.deploy.static.akamaitechnologies.com

secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.80.92 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.77.13 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-77-13.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.99.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-99-19.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:c200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.12.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-12-230.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.19 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.214.99 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-214-99.eu-west-2.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.231.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-231-213.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.123.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-123-4.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 297	448 KB
51	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 Failed googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 bid.g.doubleclick.net — Cisco Umbrella Rank: 473 ad.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	490 KB
42	go4kora.com 1 redirects go4kora.com	3 MB
32	demand.supply live.demand.supply — Cisco Umbrella Rank: 35573	81 KB
18	flashtalking.com 1 redirects secure.flashtalking.com — Cisco Umbrella Rank: 2023 cdn.flashtalking.com — Cisco Umbrella Rank: 913 servedby.flashtalking.com — Cisco Umbrella Rank: 710 ad-events.flashtalking.com — Cisco Umbrella Rank: 1982 d9.flashtalking.com — Cisco Umbrella Rank: 1462	138 KB
16	gstatic.com fonts.gstatic.com csi.gstatic.com	186 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 448	382 KB
11	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 475 vast.doubleverify.com — Cisco Umbrella Rank: 2044 rtb0.doubleverify.com — Cisco Umbrella Rank: 658 rtbc-frc.doubleverify.com — Cisco Umbrella Rank: 15873 tpsc-video-eu.doubleverify.com — Cisco Umbrella Rank: 21490 vtrk.doubleverify.com — Cisco Umbrella Rank: 1535	32 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
9	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 323 Failed aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264	46 KB
8	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731	228 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	109 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1443 id5-sync.com — Cisco Umbrella Rank: 541	26 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	144 KB
5	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 194811 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 212837	120 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742 Failed	40 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	226 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8117	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	90 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 679	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 5115	1 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1685	650 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	65 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	90 KB
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 701	35 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 704	440 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 749	699 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 826	709 B
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5312	5 KB
1	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 201180 Failed	8 KB
319	33

	Domain	Requested by
42	go4kora.com	1 redirects go4kora.com
32	live.demand.supply	go4kora.com live.demand.supply
27	pagead2.googlesyndication.com	live.demand.supply securepubads.g.doubleclick.net 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com go4kora.com imasdk.googleapis.com ad.doubleclick.net
25	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net go4kora.com 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
10	cdn.flashtalking.com
8	csi.gstatic.com	imasdk.googleapis.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com go4kora.com
8	fonts.gstatic.com	fonts.googleapis.com
8	maxcdn.bootstrapcdn.com	go4kora.com maxcdn.bootstrapcdn.com
7	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
6	imasdk.googleapis.com	8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
6	www.google.com	1 redirects 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com go4kora.com tpc.googlesyndication.com
6	fonts.googleapis.com	go4kora.com 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	jscdn.greeter.me securepubads.g.doubleclick.net 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
4	ade.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com go4kora.com
4	www.googletagmanager.com	go4kora.com www.googletagmanager.com
3	tpsc-video-eu.doubleverify.com
3	googleads4.g.doubleclick.net	ad.doubleclick.net
3	secure.flashtalking.com	imasdk.googleapis.com
3	vast.doubleverify.com	imasdk.googleapis.com
3	bid.g.doubleclick.net	imasdk.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	id5-sync.com	cdn.id5-sync.com
3	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
3	connect.facebook.net	go4kora.com connect.facebook.net
2	ad-events.flashtalking.com
2	servedby.flashtalking.com	1 redirects
2	ap.lijit.com	2 redirects
2	x.bidswitch.net	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	cdn.doubleverify.com	8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com cdn.doubleverify.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com
2	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
2	cdn.id5-sync.com	go4kora.com securepubads.g.doubleclick.net
2	code.jquery.com	go4kora.com
1	vtrk.doubleverify.com
1	d9.flashtalking.com
1	s0.2mdn.net	8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	ads.yieldmo.com	8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	um.simpli.fi	1 redirects
1	rtbc-frc.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	player.adtelligent.com	player.aplhb.adipolo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	jscdn.greeter.me	go4kora.com
319	57

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
t.me
www.instagram.com
chat.whatsapp.com
www.snapchat.com

Subject Issuer	Validity	Valid
*.go4kora.com E1	`2022-07-11` - `2022-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-19` - `2022-08-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
greeter.me E1	`2022-07-19` - `2022-10-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
player.aplhb.adipolo.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
player.adtelligent.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
vast.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-06-13` - `2023-07-15`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-20` - `2023-05-20`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-24`	a year	crt.sh
ad-events.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-08-31`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2022-07-25` - `2023-08-26`	a year	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2021-12-03` - `2023-01-04`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://go4kora.com/
Frame ID: 1269ADD1D7BC41F5A12A0FFF326B0FD6
Requests: 160 HTTP requests in this frame

Frame: https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=7382416a388abab8
Frame ID: 5278A4D741F0DD7D4D7A969EFDD4E125
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220804/r20190131/zrt_lookup.html
Frame ID: FE04FC1599DBD22C6B0B151ED361219F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_rbd_cnv_n-Outbrain&dcc=t
Frame ID: AA28E62C6730230B62C3FF90360E9F14
Requests: 1 HTTP requests in this frame

Frame: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DAFC05E9210A73ECBB214E0D6CA9CFCC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve57WiosepOjPJd_sGdBjPXgWI0mFcHSG0koUrnPMIA5--fiOOivd3q0McHD1iyg6jQ1oI0wNF7_8CjLW1MTkkIQiPHBjPkF-7O6a0TJp9vnetjjdtgw8ruNpsccxknXcOMIL2sgI6urfPuWsq-TgRiN0yFimCY8fykXN0Bl_yVXdCSZsiRbcIsx6UqQO2egngoSDXJnZf46UaUllFqzmZVlpMwXck87LKQqPDEvTSI-kMrDhx-IJ6HXXJHLKIqQMh_4cw7RAP9_1_glfHO6uAZ97Ajm1zEWp0ELyb5W8O2aZO9_94KySpYB1nIZkVoHYBgiLoDJMTvjcCQRsX8EZYwJ8ohywI8x8tQKHAeH03ChbYPneXL8eKqH8kqqIYZshFhe-U&sai=AMfl-YT1AquapnZWFc16nFuhwgmlDNN_YZRsjGrLJfGNNqKjLy5SnDaMd5M9hUGWDfca1NilkxhCaJ1MRFYuopxdhi7Abq_Qm9LlDtqcLkEebCZF1aA5m2iUOilVsk2KQ1l9TC8&sig=Cg0ArKJSzCsMguaF5DEcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6128A4C8C3A865B05E03A96E998ECC56
Requests: 2 HTTP requests in this frame

Frame: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B690E0EEE5FC92E0B78953D82553AED0
Requests: 24 HTTP requests in this frame

Frame: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F6813907BAED4B66E281D580AC8ACAD1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLati8wBMAE&v=APEucNXryEKlb2nC3gk3UzMQGTekVN5XTDyBr-NfP1qdcYoDBBuydbk73kuKlvjlMZ9K25I7uViwa0UBpl-idq2Ofn-BKP8TiOdX3eSrTrPxQqN_v9cxpDlnXszeqrdkSg7tPw6KSvkwEJWpHZ2j2wl4EgUBAy_BvmKe3RXw5GWx1frP4OWTySo
Frame ID: BBA69C844AF86F2B244B5BDA45B49BA7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js
Frame ID: AE7DF09D11976A31DD9C888B91CA2DED
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuatRtOmSnsmtntnyGr44cci4Jf5x2z4DbW66jOOUuk7DptPZZS-FdIEy5LKmUv43MY6301YPtT8HVx2REbBLPyumS71WvKNxyGNXNBl1uq2yUZeqeNXrGnCF5dAW-F5EJzkns-Px-2e531X_H2ahX6vH-bISFjY8VzLfZYToBe37Rxeke_A6h3Gt16X7NHDl0ZMAVxUtxgIjftaCpiuWITVZIhu6oUTgP4-YWIQgo5Ue-x9rOPqm661rm16_Mk-ed7Y0PbA0bm5DxOSGihLQc21pSBovo-pvFGODC7ie2Ij8n79QMKh-a7t-DViQXYe9b4iMjs09bRgBW2VJfxL4q42IdEdWT-_1VC1X3Ud-2c10DgKNZ6R8FmRzZfhukea8pp079s&sai=AMfl-YT_8ro7B7eiuu2XuiXSvsLnFdgUki_I1xk4Vkl4cHEXDg0VuyPCvO2pbV-JQDyI4skN0wWN1gzBb-TtwAeFNMAJpdgk-LALRvueKrbF_mbmywscmfniQM41_N78sy0uzg&sig=Cg0ArKJSzPpYnkNQDJw3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5BC37DD6093E189DAC5B22524DAE2C58
Requests: 2 HTTP requests in this frame

Frame: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 97637E4B3B324CBB1B5AABC829946145
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CA6361FE7CB2382C40F6FFEB29495443
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 2FB93B6A221EE352D99FDC2C243414C0
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4784ADC44C7427C1D4D6695BA1E61F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17A4B35A0C38CE231962F7636F302FBE
Requests: 2 HTTP requests in this frame

Frame: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C4E66D16A38ED9680AE235D65F8FDF5D
Requests: 43 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E0FB89A720735C47FB09A236ACB24A89
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E3115DC96434CB53B693378A5543BB0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: AF8E439BFBEF460D0BBE5022A3F8B92F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: EBD5D411711F902939C1B0D760ABFD27
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 23624F6E169A06FF631865E45F839795
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

موقع جو فور كورة : عالم كرة القدم بين يديك

Page URL History Show full URLs

http://go4kora.com/ HTTP 301
https://go4kora.com/ Page URL
https://go4kora.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

319
Requests

93 %
HTTPS

48 %
IPv6

33
Domains

57
Subdomains

49
IPs

8
Countries

5927 kB
Transfer

15318 kB
Size

27
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/go4kora.official

Search URL Search Domain Scan URL

URL: https://twitter.com/go4koraofficial

Search URL Search Domain Scan URL

URL: https://t.me/+lK0olA7U_HJkOTEy

Search URL Search Domain Scan URL

URL: https://www.instagram.com/go4kora/

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/Eqez8XN3JdODRKxoPr6zKy

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/go4kora

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go4kora.com/ HTTP 301
https://go4kora.com/ Page URL
https://go4kora.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://go4kora.com/ HTTP 301
https://go4kora.com/

Request Chain 124

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_rbd_cnv_n-Outbrain HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_rbd_cnv_n-Outbrain&dcc=t

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5dHXS1bbziFYxscuQncSU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5dHXS1bbziFYxscuQncSU&google_cver=1&C=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvKbLdXybgRVpf1Cq.DCQgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8um2Ott4rVgCUoZDBS4c0&google_cver=1&google_hm=2

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE7kxAgqr7W7DmdY_0U8Q2E&google_cver=1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ5ODQ2OTc1MTgxNTk2OTYwMw%3D%3D

Request Chain 218

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 256

https://um.simpli.fi/gp_match?google_gid=CAESEJpjpeOaTr5Kj7-08j9ez2g&google_cver=1&google_push=AehlK4CH3HpsT38Yj0RoJ6G9S_7QgsFLjdbpZ7V0quuf5ug4WqMrYpVZ295XsniR5cnTTdK_5On7ZyC3YPaOSCU7NVPSIAPRQav1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8777A38186A04191B86273AAAC95C0ED&google_push=AehlK4CH3HpsT38Yj0RoJ6G9S_7QgsFLjdbpZ7V0quuf5ug4WqMrYpVZ295XsniR5cnTTdK_5On7ZyC3YPaOSCU7NVPSIAPRQav1

Request Chain 257

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELmKl02at66gk0MLgVv6L30&google_cver=1&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUemxcYKQFPoHqpn4WpnqJ HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELmKl02at66gk0MLgVv6L30&google_cver=1&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUemxcYKQFPoHqpn4WpnqJ&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUemxcYKQFPoHqpn4WpnqJ&google_hm=

Request Chain 258

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKIfH6ma2AWs5lM6YWNJRPs&google_cver=1&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6Sk3geMqN HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKIfH6ma2AWs5lM6YWNJRPs&google_cver=1&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6Sk3geMqN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6Sk3geMqN&google_hm=9wJW3r0sS2-vgV4O3shZlw==

Request Chain 259

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPIUegFkAb_DPAO818tsTmk&google_cver=1&google_push=AehlK4BxzDFD0oY9iGcxxsAi6LV9S2wIfObsX_4RH4uVgaFH46QGfoOmwkYCTojK69SsVpVQUKLhT1WBxf6oXsB531tInhj_iD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PA56KrVTSV9PBxks1-Ki5JJGdW4&google_push=AehlK4BxzDFD0oY9iGcxxsAi6LV9S2wIfObsX_4RH4uVgaFH46QGfoOmwkYCTojK69SsVpVQUKLhT1WBxf6oXsB531tInhj_iD8

Request Chain 260

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHK67d2VcxRkDJ-7WjSpb8k&google_cver=1&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6tEC7c8ei5Z9C HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHK67d2VcxRkDJ-7WjSpb8k&google_cver=1&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6tEC7c8ei5Z9C&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6tEC7c8ei5Z9C&google_hm=FHkAsGZHUWIkjkV3QYG8eBZx

Request Chain 261

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC9FNTUyPvHDVpk9iBz_O6Y&google_cver=1&google_push=AehlK4CDMGdm2usk3a2OEwOIecoFcNJBGtkCtxpvfLp569JVeTubnjYyYe1Y5lbOGY2_qi7TbruexZwJ8CFBwdRkgoaCVDzvWCaz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CDMGdm2usk3a2OEwOIecoFcNJBGtkCtxpvfLp569JVeTubnjYyYe1Y5lbOGY2_qi7TbruexZwJ8CFBwdRkgoaCVDzvWCaz

Request Chain 302

https://servedby.flashtalking.com/imp/1/184716;6566075;201;gifimpid;DV360;DemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360GilesAndCecilieTargeted15sVideoVASTDSKAudience16x9/?ft_impID=C88102AB-DC73-A73C-1385-7900DB805BDF&ft_custom=&ft_section=&ft_partnerimpid=&ft_partnerid=&ft_c1=&ft_c2=&ft_id=&ft_c3=&gdpr=FT_GDPR&gdpr_consent=&gdpr_pd=FT_GDPR_PD&us_privacy=!!US_PRIVACY!&ft_creative=3934948&ft_configuration=0&cachebuster=1374479993 HTTP 302
https://cdn.flashtalking.com/xre/656/6566075/3934948/image/3934948.gif

319 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
go4kora.com/
Redirect Chain

http://go4kora.com/
https://go4kora.com/

33 KB
11 KB

159ms
100ms

Document
text/html

2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5a8e941aa56ad9761c413dc420f345f12303793229e1f59f317676ddf34fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 738241689c2c5a43-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 17:36:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX1%2FSvFPScwFhfd5Fg%2BxaEIyHDB%2BBUeayXcNTbOkZR7%2BAtJ205x8UH6FH1VQqRPhLctYSgfnsDwgBMJmWN8N1sy%2FgLq2FEFNsnPewylh8oF3nZdFzfP8IGPSsiChlcgB4BApnN2CoH9SLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

CF-RAY: 738241680daaf933-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 09 Aug 2022 17:36:42 GMT
Expires: Tue, 09 Aug 2022 18:36:42 GMT
Location: https://go4kora.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOntsU8B%2FHD45jEIwMyFevG%2FMaD0v6N1SI%2BapffPbtOZLwmwYAZBd1HYZAks6rHWkhapSGaN%2FG0QunGmCTbtiPDfM3OhRmPOXPiePgJWYFzBUN0RbieYiroUKvgUWth4Aa1mLrS69y%2FmUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 116ms
40ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 461737
cdn-cachedat: 07/14/2022 10:23:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"ec3bb52a00e176a7181d454dffaea219"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d6bbdce9db9970ae8d3272eaea80fd1c
cf-ray: 73824169ca2123df-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-rtl.min.css
go4kora.com/assets/css/ 24 KB
4 KB 47ms
46ms Stylesheet
text/css 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/assets/css/bootstrap-rtl.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Jun 2018 22:48:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5b219f56-6147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLuKb8O3OHOtdBZ9%2Fm5EmpGF6ChznmHzc5rvwKEIL5W8OOUc9MnsIApXeoDyyV4QvLvANkvqOAmb%2Bl5Op57vWhO%2B%2BgqwTiftZ80vukhhEI6uJx0%2FbiOdEqyCcg%2F%2FvntkDHWNFLbgHWmL0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 738241694d3d5a43-MXP
expires: Sun, 14 Aug 2022 04:37:02 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 115ms
39ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 13126148
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e55ae71d8339ddb30e4376a027623d28
cf-ray: 73824169bafe01eb-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 home.css
go4kora.com/assets/css/ 6 KB
2 KB 48ms
48ms Stylesheet
text/css 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/assets/css/home.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99294cc249766f0b8548a062c772edca61b47c282cbee1649992fb99ab193410

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
cf-polished: origSize=9735
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 04:48:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62170e33-2607"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSjTKFW8XIhlBDt0uba7MJBM9otm1Dg%2F9TNq2hOWQmHrJLoDMpF51O351wJ0fbryy3wBipKa2QKctEFqrIRqd5kfWwZh2YvN30r7ISozraI%2BmHmNgUb9nNC4rzENtQ3Bco%2BVhSV4BoOlyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
cf-ray: 738241694d405a43-MXP
expires: Sun, 14 Aug 2022 04:37:02 GMT

GET go4korahead.js
jscdn.greeter.me/ 0
0

GET
H2 200 up.js
live.demand.supply/ 9 KB
5 KB 198ms
124ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G9JGCHTJ6DWT726EK7TSAD3R
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 633
cf-polished: origSize=9326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"3701fc81423322f545eaef7fc1d21859-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 73824169ecf601e3-ZRH
link: <https://live.demand.supply/impl.v15.1.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v>; rel=preload; as=script

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 80ms
30ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6ec88cb99386e11f744da0dd9ea7bbbf4d42e9d0efc1cb3ccdaa5903bba9944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42874
x-xss-protection: 0
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET
H2 200 logoHome.png
go4kora.com/assets/img/ 9 KB
9 KB 63ms
57ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/img/logoHome.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd433708cb7ca53a7ac9c6b88da2081520d809dd296b45cd54eaac443a12923

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
vary: Accept-Encoding
content-length: 8996
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 18:36:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60b52c95-2324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1Yyfy%2BjBzjrYj%2FmKZxjag5lvtBDMSblS0NHnraB0Gz5u1lrkHEqmMovNAPUhNL2Li1iW72I%2B2blCcT3AIJ8qpmOLLX8V%2BuMUYgh62Q1yUVyvZl%2B4qdCqbpYzinA172vN0RMOuOIo2M9cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241697da95a43-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H2 200 356566926a852c7de474b53760a67ca2.png
go4kora.com/assets/teams/ 31 KB
32 KB 66ms
60ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/356566926a852c7de474b53760a67ca2.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cf412d0de999b7d9e226055f1952e322f404e2571454cb722855253fdbaaa3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88932
vary: Accept-Encoding
content-length: 32134
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:41:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a476-7d86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYKK2RxVUELL3T60XpF8VxottDkSaUvoFkLqOFIs%2ByaL99oL%2FGolsW3xkQ6gET1BC%2Fr%2Ba%2BbF4gQKyKv5DL6r6ahBqNo78%2BXM3I5sNuXuuieOOcEqJ6GSA2I7uXLz1V55H6a1tyjwHv3C%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241697daa5a43-MXP
expires: Wed, 07 Sep 2022 16:54:30 GMT

GET
H2 200 08dfeeb7972a596e41afc418000f0c5d.png
go4kora.com/assets/comp/ 61 KB
61 KB 38ms
32ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/comp/08dfeeb7972a596e41afc418000f0c5d.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a3c0f537dfe0624f744865c7011d740098c3a8f8f0228bb9ca687a1a3aa737

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695722
vary: Accept-Encoding
content-length: 62210
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:40:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a420-f302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inoKkNBj27njq9FwluiYRE%2BWPekTeBLRo0fzgX6mC4gIISZNN894LEGvTzT2XeU%2FjLvwg5feVTA%2F10uM8VYXQ36SMdp6lr0c%2Bwu2%2FyNyThNkJu%2Bl3ZigUwGYExX8eP6hdsmNqCg9ZFF48A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241697dad5a43-MXP
expires: Wed, 31 Aug 2022 16:21:01 GMT

GET
H2 200 2b320fcdec3aabf37c959abceaaa1a38.png
go4kora.com/assets/teams/ 33 KB
33 KB 67ms
61ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/2b320fcdec3aabf37c959abceaaa1a38.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99713b02640cb27d9383e169dd458541c14e3393f9a54dee187d34f96e1d5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88932
vary: Accept-Encoding
content-length: 33686
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:46:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a5b0-8396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOIDxfqU9ZugAca92geDNFrBU31kKMsy91oc9hkV9IKYWMWvwIz3C7rdsoWzb8YYni0K5DpYV5qQwGVqIsGciKT4fPGXGtfDH9%2FKGSWcHspNngch%2FbJ9nQekxr9zfLlSabLEz9DrW5bfAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241697dae5a43-MXP
expires: Tue, 06 Sep 2022 20:21:41 GMT

GET
H2 200 6ad3d6d6186d5b6fb1c046f10ea10a2d.png
go4kora.com/assets/teams/ 30 KB
31 KB 63ms
58ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/6ad3d6d6186d5b6fb1c046f10ea10a2d.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd49bd84686e9053000eb4d61dff40dc7c5b6bee3b7a31dc66150e408caab988

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33308
vary: Accept-Encoding
content-length: 31225
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:45:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a552-79f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhSU2IxsqyGUNEHjN1gjZ5MLGPCI5xJhECVCWYMXtmEhGO%2BmjFPobb4PKOwLDrafyzGG1%2BAhdOW6uJYQq1AJr6DkTufGZuusBZ40cXGjicOy4AsciGcfi6WGpalTstYZm86vgSoQT3y7xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241697db05a43-MXP
expires: Thu, 08 Sep 2022 07:50:58 GMT

GET
H2 200 0de3fce6973501568ce041a295bf6c0e.png
go4kora.com/assets/teams/ 33 KB
33 KB 67ms
62ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/0de3fce6973501568ce041a295bf6c0e.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34737
vary: Accept-Encoding
content-length: 33624
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:43:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a4d4-8358"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kghdiWLcLspqqSAMtcNJe1rXUyDV3p1op3nSccDBi6vqhvqFHSTYiZz4pPOL6dHAIEOVhwjobtTmYwL0VEPzBHDyr2%2BzBNbpPTvzZsJ06NCtyWb0h7DGWrAu7shEMRoWuS%2BcQ%2FNfBBAh5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241698db25a43-MXP
expires: Thu, 08 Sep 2022 07:50:37 GMT

GET
H2 200 a839d522f74b2444242ba3042b1ae6e8.png
go4kora.com/assets/teams/ 51 KB
52 KB 64ms
59ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/a839d522f74b2444242ba3042b1ae6e8.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33308
vary: Accept-Encoding
content-length: 52573
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jul 2018 14:27:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b4cab50-cd5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIO7I26nT7cV9v%2BJ5wJN%2F8CRWMc19u2btjyeDJN0PGxOzK3pSj6bALsI4EYunO26inEcE2x%2F%2FRuNJboWsfhEcsLOrfZIc2VXTzLd%2BWdhZ6LGRMwM7EM8k0jOpHREVnkcIDqDO3pOmCOPqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241698db35a43-MXP
expires: Wed, 07 Sep 2022 23:13:16 GMT

GET
H2 200 95e17169186b1846d0b7bc2ed9088c35.png
go4kora.com/assets/comp/ 52 KB
52 KB 65ms
61ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/comp/95e17169186b1846d0b7bc2ed9088c35.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34737
vary: Accept-Encoding
content-length: 53071
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Aug 2018 17:42:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b71c30e-cf4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wrFEzV0cRNBtBaiKymptL0DoaMA67wf%2BZ2YXvb1S1Ok7BD2qGeuKGmmKir0snJ7sNsBW9UQQWTblhpgKK9hXEYQAJ8atGkvB73vpK1SAsGtY74fpCeh8cVsim58hpQ8NP1H1EsHNRHXJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241698db75a43-MXP
expires: Thu, 08 Sep 2022 07:50:58 GMT

GET
H2 200 d16af4a1859fac5f2b5234610a6d6b91.png
go4kora.com/assets/teams/ 28 KB
28 KB 65ms
61ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/d16af4a1859fac5f2b5234610a6d6b91.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3248ee869707a5daa6002c3f333a0156e4932ac6fc39e961e7aa0dcad5050502

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34736
vary: Accept-Encoding
content-length: 28683
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Jul 2018 01:52:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b4d4bd8-700b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmCcxA0op%2FuX%2BTqDEawD5wNzFpykimsz6MxOhdc437J5pYimmYWrQWaY78xUmM9IKwc6NSa7zZpQB3mmZ%2Fij0H4KEzKYobhZEQEsjDgM3myfyo%2Fx2beAr60MzQhyvCwGct6KKoSxUAyiFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241698db95a43-MXP
expires: Thu, 08 Sep 2022 07:50:58 GMT

GET
H2 200 203cd501016508d34f60e84fa3350b8b.jpg
go4kora.com/assets/articles/ 53 KB
53 KB 63ms
58ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/203cd501016508d34f60e84fa3350b8b.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
vary: Accept-Encoding
content-length: 53902
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 17:09:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "621fa4b3-d28e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYWtsiY6C%2BYKGa0R1Gpk%2FJlTSvRGovYYe9%2BR5STrBNIRm2bvIn5BLS%2FBCi0xVPT8Zt17jXgdCm5WoLyenXjnSmuOlwqf3CXedC3a1KfQtLC5TFHVY64l31f%2F8YRYV1s7%2FOfch76izpeJxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738241698dbb5a43-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H2 200 72450ef4f920c799fe20d97981f68611.jpg
go4kora.com/assets/articles/ 24 KB
25 KB 66ms
62ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/72450ef4f920c799fe20d97981f68611.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
vary: Accept-Encoding
content-length: 25007
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Feb 2022 15:47:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6218f9f4-61af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcBO%2B8JUwjOk2TI2zluTwuZIfZF7XJdrwCUcQR0imjWgwJjEzV%2B9VH%2FQ%2FT%2F5lcbLf%2BHTX%2BqPDES1qxdzlhVuYLo9ojKYmglU916zY06EgvalgQhGKC0Hi%2B%2BqAxkC57yyS6AaSyvokCeUEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73824169ade55a43-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H2 200 9c119aed5ce9cef2891efaf62223ecac.jpg
go4kora.com/assets/articles/ 63 KB
64 KB 67ms
63ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/9c119aed5ce9cef2891efaf62223ecac.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
vary: Accept-Encoding
content-length: 64718
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 16:25:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6217b15e-fcce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9wc1ZIwASDtGBpWVZ%2F3%2BixZY7ZCXbpM5U19O4v9vSy5C%2FxcR7fYEIJ%2FuC8vgetTr1Ybq9uw96too4UgjSdmHEeXoRNt7ShrZUieg1nzejDTaJ8KqiG3Y0%2BkcUrDL8aq5q2yXGcl7tfViQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73824169ade75a43-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H2 200 83d76f4435b241b0c6574b57e95316ab.jpg
go4kora.com/assets/articles/ 599 KB
601 KB 91ms
87ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/83d76f4435b241b0c6574b57e95316ab.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2199639
vary: Accept-Encoding
content-length: 613825
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 22:58:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6216bc1f-95dc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nxf13vuZD36LlfrjPV6OHTSPkZA5wp%2Bz4Wn9XBeyJaS%2FBnM9d3Wp4I0blaPZt5CLnQXa7LGAUZUccLiWHDh9lOS0kQx5XcTdyt1hsn2Huzp78Q%2F4xInlrpNuYJUBren0mMl7R6In90EkWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73824169ade95a43-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H2 200 21518a408b34a13d409c9f5ede16064e.jpg
go4kora.com/assets/articles/ 40 KB
40 KB 67ms
63ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/21518a408b34a13d409c9f5ede16064e.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
vary: Accept-Encoding
content-length: 40998
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 16:55:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "621666e8-a026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hv3eZ6CZUw5J89tUmvpm8RyuFfLPBNNFOiJTa7PSWY%2FuVTwEmW0ecEd5Xb%2FXGkh9gsGgterQ5HF3Eoj%2BTBorBnhwekJCPBIMe51LQhQ2noTgPLDlwEQ6Py0yV9SnaFwaOkGvT0ZUEVPfsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73824169adea5a43-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H2 200 c350984a80f047fe922da3c3b0bcd2f4.jpg
go4kora.com/assets/articles/ 199 KB
199 KB 90ms
87ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/c350984a80f047fe922da3c3b0bcd2f4.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2204762
vary: Accept-Encoding
content-length: 203494
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 16:32:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "621661a2-31ae6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z31tTHubUWepzFOPDU%2FBp7SeBL1j%2FZHA7SS846cS8OpjzNhzG5C9mPORacT6EhijytAP0hHCKJ8375SrgmCD41Iveo1g4iVayzKttR5jjDRAALQBkOKAQw8jQU5cS3wIKRSjEIdMKkzhdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73824169adee5a43-MXP
expires: Sun, 14 Aug 2022 04:57:13 GMT

GET
H2 200 jquery-1.11.1.min.js
code.jquery.com/ 94 KB
33 KB 110ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
x-hw: 1660066602.dop008.fr8.t,1660066602.cds212.fr8.hn,1660066602.cds148.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 92ms
42ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 863
age: 438533
cdn-cachedat: 05/12/2022 03:05:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"5869c96cc8f19086aee625d670d741f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ab974bbdff20f42f093e27753bc66905
cf-ray: 73824169ca2223df-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 89ms
30ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9546c19f08970e5abddaa0b7ef13805b4106bd2eb1f9f87e946b6c83ce0ba7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ihUxdaefIaCi4WVZqmkbRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: axD0JxCokjA03tX5MUIj1eCzy8PVcneg3Gh8sxm7lSvPl1fCcvVI2As5HoaV/bTf+wNgt2ivu9qU19xFcJWQ/g==
x-fb-trip-id: 720026100
x-fb-content-md5: 6468c5b7d3a61173b0f74f3dfbe01405
x-frame-options: DENY
date: Tue, 09 Aug 2022 17:36:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0f13df4bdf3639f5ace971ee779163a8"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Aug 2022 17:37:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
930 B 70ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Requested by

Host: go4kora.com
URL: https://go4kora.com/assets/css/home.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

384f1076cf595f437c5dcc4075ed9aa516a6b440216d0720241091954c5b9b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 17:10:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 17:36:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v20/ 32 KB
33 KB 63ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v20/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 04:24:48 GMT
x-content-type-options: nosniff
age: 393114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33172
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:42:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Aug 2023 04:24:48 GMT

GET
H3 200 Primary Request / Show response
go4kora.com/ 32 KB
10 KB 245ms
244ms Document
text/html 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b4ab5350e492c2fe26e5c5ed3836cbc6037ad92db3184176115f428e8444a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7382416a388abab8-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 17:36:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVWXbtTS5wFjHwL1FW7z%2F2mIRaNfuJMZPcpfKUefcvsQTxm3pBU7VflT1f3RElINyZ1ELxUL8mLEt0bJ7ovyzxZ6SgiKjwJ7xxAKZrYr%2F0Pz0dNo644zjumUaMUoLjKMBAHbUw40ZidAjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 backWall2020.jpg
go4kora.com/assets/img/ 141 KB
142 KB 50ms
50ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/img/backWall2020.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/assets/css/home.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/assets/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206777
vary: Accept-Encoding
content-length: 144393
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Sep 2019 14:52:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d8244aa-23409"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9SbWXxL%2FOWKW%2BO2%2FUnKcfi%2BLR5NmucDgEqHb0D%2FLM8zgrMwqySs5AzmVwpLvYdveRAw9t%2Bf9k3xmnFyCmORVNDkI5jXk58RcrEwf7AbhOuyG%2FKEZBG%2BFJ3C0Lw%2FTiU98GClryEqy5nyVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416a3896bab8-MXP
expires: Sun, 14 Aug 2022 04:37:05 GMT

GET
H2 200 SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v20/ 29 KB
29 KB 69ms
39ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v20/SLXGc1nY6HkvalIkTpu0xg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 01:40:22 GMT
x-content-type-options: nosniff
age: 316580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29984
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:42:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 01:40:22 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 59ms
32ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 73687
cdn-proxyver: 1.02
cdn-cachedat: 04/09/2022 08:19:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c1c1872861947edb5c235d05baf258e9
accept-ranges: bytes
cf-ray: 7382416a68730215-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 js
www.googletagmanager.com/gtag/ 197 KB
71 KB 80ms
41ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QKX54JRFP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72416
x-xss-protection: 0
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 125ms
2ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1845
date: Tue, 09 Aug 2022 17:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 19:05:57 GMT

GET
H3 200 impl.v15.1.0.js
live.demand.supply/ 78 KB
25 KB 111ms
38ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G9JGC4SF2CTRKXGFMFC505EP
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 514318
cf-polished: origSize=79748
cf-ray: 7382416b396b020d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"65772cc2934985b44975eb066669ea16-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET Z280a29yYS5jb20v
live.demand.supply/p4/v14-3-0/ 0
0

HEAD
H3 200 e.js
live.demand.supply/e/ 0
365 B 101ms
38ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=226&cs=c&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:42 GMT
cf-cache-status: HIT
age: 2243268
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416b38ea0208-ZRH

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 61 KB
0 140ms
52ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51493
x-xss-protection: 0
server: cafe
etag: 2429995354613545095
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0

GET
H3 200 ds.2.html
live.demand.supply/ 413 B
469 B 101ms
41ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G8TS3EPSA8G94T2HQRDRRCW7
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 9938
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7382416b38f50208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET apstag.js
c.amazon-adsystem.com/aax2/ 0
0

GET
H3 200 uamp.1.json
live.demand.supply/ 8 KB
3 KB 96ms
37ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G8TRY2NE1JTRZA6H47X51ACH
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1045081
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7382416b38f80208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js
live.demand.supply/x/ 0
365 B 98ms
40ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCV5QQ8PSXPP882MV0NZE
date: Tue, 09 Aug 2022 17:36:42 GMT
cf-cache-status: HIT
age: 2243268
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416b38f30208-ZRH

GET
H3 200 uamp.1.json
live.demand.supply/ 8 KB
3 KB 92ms
38ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G8TRY2NE1JTRZA6H47X51ACH
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1045081
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7382416b38e80208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST collect
www.google-analytics.com/j/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 36ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 461737
cdn-cachedat: 07/14/2022 10:23:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"ec3bb52a00e176a7181d454dffaea219"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d6bbdce9db9970ae8d3272eaea80fd1c
cf-ray: 7382416bcaff0215-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 bootstrap-rtl.min.css
go4kora.com/assets/css/ 24 KB
4 KB 37ms
35ms Stylesheet
text/css 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/assets/css/bootstrap-rtl.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206779
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Jun 2018 22:48:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5b219f56-6147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA5Q2JeMisOHKddJFW3vr0aI4ggO7hRQbDA5V4JFPWCSMeeLIkYGfDiyBCWULYztmEHZhgRtgh9tt%2FkVt2PX3tb1%2B7KZQl2pywh2r2jpN1Hgcy8bSto1atpIZMkCx1pRrrESiTI51YSVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 7382416bdb8bbab8-MXP
expires: Sun, 14 Aug 2022 04:37:02 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 63ms
33ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 13126148
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e55ae71d8339ddb30e4376a027623d28
cf-ray: 7382416bff5101f4-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3 200 home.css
go4kora.com/assets/css/ 6 KB
2 KB 33ms
32ms Stylesheet
text/css 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/assets/css/home.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99294cc249766f0b8548a062c772edca61b47c282cbee1649992fb99ab193410

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2199117
cf-polished: origSize=9735
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 04:48:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62170e33-2607"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0MCm9z1HF1ZOTRxu8FG3U2c3Nj2C7Ib9CgEtFqsZSGVwbdrLfIJsKtaiQeuJ4ZNzbm59p3TmUgk0%2FAx5egsGpC0gBWOXGog390%2Be90y35Gf%2BjCuB7aMk04WFvEvEZ32CAEuO4P6v0b%2FnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
cf-ray: 7382416bdb8dbab8-MXP
expires: Sun, 14 Aug 2022 04:37:02 GMT

GET
H/1.1 200
OK go4korahead.js Show response
jscdn.greeter.me/ 7 KB
8 KB 94ms
32ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/go4korahead.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2db6f197eee163bea53c66d338b49105218a6e4cf99b2f21b46d4983bea81956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:42 GMT
Connection: Keep-Alive
Last-Modified: Mon, 14 Feb 2022 16:15:57 GMT
x-amz-request-id: tx00000000000000267f404-0062f28eca-5c8c654c-fra1b
etag: "664fed559982c71e46587fabbce8b1d4"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1660066602.dop090.lo4.shc,1660066602.dop090.lo4.t,1660066602.cds011.lo4.c
Content-Type: text/javascript
Cache-Control: max-age=432
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 7303

GET
H3 200 up.js Show response
live.demand.supply/ 9 KB
4 KB 67ms
61ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ffd1ed4d0213d436bf9578b7145be98caac4116d36298554952b5e4789f82d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G9JGCHTJ6DWT726EK7TSAD3R
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 633
cf-polished: origSize=9326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"3701fc81423322f545eaef7fc1d21859-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7382416bfaca020d-ZRH
link: <https://live.demand.supply/impl.v15.1.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v>; rel=preload; as=script

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 33ms
27ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6ec88cb99386e11f744da0dd9ea7bbbf4d42e9d0efc1cb3ccdaa5903bba9944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42874
x-xss-protection: 0
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET
H3 200 logoHome.png
go4kora.com/assets/img/ 9 KB
9 KB 70ms
64ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/img/logoHome.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd433708cb7ca53a7ac9c6b88da2081520d809dd296b45cd54eaac443a12923

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206778
vary: Accept-Encoding
content-length: 8996
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 18:36:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60b52c95-2324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy19x60krB9kYds%2FJI0POdHShyuIJU2k9CMMyoSWX7fAQ1Cq%2Fplwgkb2eGg5%2BNLqRs%2BrcB8pbltpeAjuunAMlo4Yr82BCu8NP9%2BkfBAAUG5uwazUX%2FtKosIygUTRCAWtdEUD4X5dNBJFUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c1dbab8-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H3 200 356566926a852c7de474b53760a67ca2.png
go4kora.com/assets/teams/ 31 KB
32 KB 41ms
35ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/356566926a852c7de474b53760a67ca2.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cf412d0de999b7d9e226055f1952e322f404e2571454cb722855253fdbaaa3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88815
vary: Accept-Encoding
content-length: 32134
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:41:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a476-7d86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoTJsEQb0KwxAe1vVTVe7FTIIQaQWnCxCLAm54AYh0ah1j1LZEzjcW075jjUtDxmUJauizZn9Ad0i26QwagTSGkO7qxAzjpy%2FMA2nZj%2Fab4YaP1nc2%2F7kOvGgvIh6GKSvxOYmj4RMMcKOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c1fbab8-MXP
expires: Wed, 07 Sep 2022 16:54:30 GMT

GET
H3 200 08dfeeb7972a596e41afc418000f0c5d.png
go4kora.com/assets/comp/ 61 KB
61 KB 65ms
60ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/comp/08dfeeb7972a596e41afc418000f0c5d.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a3c0f537dfe0624f744865c7011d740098c3a8f8f0228bb9ca687a1a3aa737

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88860
vary: Accept-Encoding
content-length: 62210
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:40:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a420-f302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ7Fskr5%2Bc%2FOwzL5atnwGwAVUgAHP37qxDEI0W3vwq1tYV11qILCH6xGi0ISQ4n4brZlAz9psDipIDfRLzUfUzB2pyJmu%2Bb%2B0gd5Jzef1jVX3MSA2wGPXWOzqqkAlHWt2ELof%2FYwdk%2Fchw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c23bab8-MXP
expires: Wed, 07 Sep 2022 16:55:42 GMT

GET
H3 200 2b320fcdec3aabf37c959abceaaa1a38.png
go4kora.com/assets/teams/ 33 KB
34 KB 41ms
36ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/2b320fcdec3aabf37c959abceaaa1a38.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99713b02640cb27d9383e169dd458541c14e3393f9a54dee187d34f96e1d5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88860
vary: Accept-Encoding
content-length: 33686
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:46:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a5b0-8396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7XuollIOfcWO2UKYxoXBOfgINRM3A2SY3bovwyuv%2B4qThOlBwGLGKZZiHol7dCEQjzyomlFYc%2FeJ5%2FSzGZZHQBCLF0FSPGHAku8TQqOOQ0iIyDOKu1WOhKGxINti3boHtT77aouZpRw4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c25bab8-MXP
expires: Tue, 06 Sep 2022 20:21:41 GMT

GET
H3 200 6ad3d6d6186d5b6fb1c046f10ea10a2d.png
go4kora.com/assets/teams/ 30 KB
31 KB 43ms
37ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/6ad3d6d6186d5b6fb1c046f10ea10a2d.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd49bd84686e9053000eb4d61dff40dc7c5b6bee3b7a31dc66150e408caab988

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34417
vary: Accept-Encoding
content-length: 31225
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:45:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a552-79f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDOzIrQNu289i%2BoF3UulHO0bpHfnZCQSxLGBrq%2BQ7YsnAePYx8s4mU2deDAx3Eg%2BctgqfEj98FQ7D1A4PHSwe5MXc9aGxPqUmfOUJcV6xaEwLqtj6IysYTL%2BE6DIlLjlIxlZ%2B1%2FJasu9hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c27bab8-MXP
expires: Thu, 08 Sep 2022 07:50:58 GMT

GET
H3 200 0de3fce6973501568ce041a295bf6c0e.png
go4kora.com/assets/teams/ 33 KB
33 KB 102ms
97ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/0de3fce6973501568ce041a295bf6c0e.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bc3cf1a3eb53c028ac402b21eac28ca119a040c5b0bdc1ea52aca11985eca99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34932
vary: Accept-Encoding
content-length: 33624
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 19:43:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b68a4d4-8358"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0SEnC5Xbg7pVVdTr9JAgIkosG7xR5tUNPqjOLmJKEkov4Tapab9D04RM7KaTp2dvTG%2F1FpYi2dIrH%2FLdVFsmtoFvipqiwTBrs1igUI8lXa%2BwyGghQkSoOZ3ni%2BxzZmSfOJPRhoxG6N5fA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c28bab8-MXP
expires: Thu, 08 Sep 2022 07:50:37 GMT

GET
H3 200 a839d522f74b2444242ba3042b1ae6e8.png
go4kora.com/assets/teams/ 51 KB
52 KB 103ms
97ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/a839d522f74b2444242ba3042b1ae6e8.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3112131c6a9e1dd6ed030ec2b08570c5d9f0341e064a86f2721641b624632736

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34932
vary: Accept-Encoding
content-length: 52573
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Jul 2018 14:27:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b4cab50-cd5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmIiHw%2FBRnFQSlTZVB%2BN3BXI9agLQ0AyvHzzB35t0W6wH%2BjjcBfrB84ib5pjglUUq9CxhIhGjZWKjCiNJ37%2Fj2ctWyRvhRdLY6Z%2B1grqDjswFWV7q1VHxgP7dg9%2BQLDN%2B6SHQkH%2FK%2FH2vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c2abab8-MXP
expires: Wed, 07 Sep 2022 23:13:16 GMT

GET
H3 200 95e17169186b1846d0b7bc2ed9088c35.png
go4kora.com/assets/comp/ 52 KB
52 KB 71ms
66ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/comp/95e17169186b1846d0b7bc2ed9088c35.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7523783dc7856f98f9a0b0bdb24e4c40ad62903e944a318e19c9051bff551fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34932
vary: Accept-Encoding
content-length: 53071
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Aug 2018 17:42:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b71c30e-cf4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfMCzBZAjX0J65%2F8EICF2J%2FRftXFECwkqY7Z%2BETRgfQjbPm7clApqSVGbMW1fQQgxnlO%2BT5EWt%2FkLL9MOnq6KcvBkCbEiN%2BinvuB2%2BMl1Z7A66qACgkvD5H6Kg0QSrrcwl6bJ1MzQ695vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c2dbab8-MXP
expires: Thu, 08 Sep 2022 07:50:58 GMT

GET
H3 200 d16af4a1859fac5f2b5234610a6d6b91.png
go4kora.com/assets/teams/ 28 KB
29 KB 68ms
63ms Image
image/png 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/teams/d16af4a1859fac5f2b5234610a6d6b91.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3248ee869707a5daa6002c3f333a0156e4932ac6fc39e961e7aa0dcad5050502

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34932
vary: Accept-Encoding
content-length: 28683
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Jul 2018 01:52:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b4d4bd8-700b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSkPkfJ6SUiasQ86Ti%2FwOk%2BOT18ExH7%2B%2BMzsXfZ5vOlpfVkK547u2mfNlEiw9RRGMxJdIJMbLVsTh5BAGE37VvQEytVdnWJzrT2FGDng3Vg22qb3VqqSvdYd382CqnXWzFyGQm4KMyf9Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c2ebab8-MXP
expires: Thu, 08 Sep 2022 07:50:58 GMT

GET
H3 200 203cd501016508d34f60e84fa3350b8b.jpg
go4kora.com/assets/articles/ 53 KB
53 KB 43ms
38ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/203cd501016508d34f60e84fa3350b8b.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea043c9b1b53c6ddb9afe4bdd8d9838b54fe54435d9f6ea140ebe80478264b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206778
vary: Accept-Encoding
content-length: 53902
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 17:09:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "621fa4b3-d28e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CMOKhA7d1gUNFVwjk%2FxneELi43oUmlzm51hJ2ddxO9waiGXoWS%2BPUE2tvfodRJ7YxKrrAiczk4epAOQI50GVkDP3EsT2GndK1M1wd1zPUhxlMtHuh96px3BHwQb7iR32N09dnMw%2FJS4Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c2fbab8-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H3 200 72450ef4f920c799fe20d97981f68611.jpg
go4kora.com/assets/articles/ 24 KB
25 KB 66ms
61ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/72450ef4f920c799fe20d97981f68611.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be1a9703d742d9e1ca36a740c33fcc122d01a0e5cba8328d1e140c1aee3f8d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206778
vary: Accept-Encoding
content-length: 25007
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Feb 2022 15:47:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6218f9f4-61af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8LNEeJ7nlK1S7FBoQI3JOBRxK1FCqq84dajWqNAV12iYugZee8IZB6HAW%2FI%2F473mhJvNJ3cOKrsmz%2FDP9t%2F25n4dFgUnokSzIU1E7GvtmE%2F4HgpvMB7CXlFn7xoszYPCU5SP9bqbBCtMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c32bab8-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H3 200 9c119aed5ce9cef2891efaf62223ecac.jpg
go4kora.com/assets/articles/ 63 KB
64 KB 97ms
93ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/9c119aed5ce9cef2891efaf62223ecac.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

243f9298fdf5ae6543d77968111398d390d9adf0115d11d0f2f1692695088176

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206778
vary: Accept-Encoding
content-length: 64718
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 16:25:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6217b15e-fcce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbeDhcvj3UjKbhOZAuQjkCOURbXu%2FO6hrjtMfRBFel%2Bd9ipTXj68xIofrQuaIaH7hywqczljkbMKBThee3bPRSqwMkPlgCZN5aLltMe4jE%2FJLmg5lZ5fipmaK5kZ0u9tUh0nMBe2uCjyXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c34bab8-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H3 200 83d76f4435b241b0c6574b57e95316ab.jpg
go4kora.com/assets/articles/ 599 KB
600 KB 104ms
99ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/83d76f4435b241b0c6574b57e95316ab.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed20cb52595f6abbc5bdd2c52fa323c05120aeee11dfd9ad8401883bd7b4909

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206778
vary: Accept-Encoding
content-length: 613825
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 22:58:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6216bc1f-95dc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i6i%2FlFMOGCkJq3H0X7uavYvod6uSMGKbT6VvBJU8DCRGWZdhDwjLa8y3bB9qvp9iw%2FAzfF5E1pjPlLWa7kCP3J9gJWmV%2F2C38sZD4Fvg%2FboIqsnfjC7n%2B01kVkFqRrSuh0RqjjFfrnE1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c35bab8-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H3 200 21518a408b34a13d409c9f5ede16064e.jpg
go4kora.com/assets/articles/ 40 KB
41 KB 124ms
119ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/21518a408b34a13d409c9f5ede16064e.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

663c9b9be1fae766b50858e1ac11f67d14d4921f41d2b294f8d485979b080f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206778
vary: Accept-Encoding
content-length: 40998
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 16:55:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "621666e8-a026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5oZWHmg6kwvp8%2BFd827SCuBxgSX8y%2F5dn7cIr5BzJV%2FT8ScN9Yg5PaT%2FXAxJ%2FbIctID0Ag2MYAmlozoIiSPCDj83vl21ASWl%2FdVFhUdlUKaNd6%2FZcwly4Ss%2FIjkc5CBeH%2FSn9zXypxF3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c37bab8-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H3 200 c350984a80f047fe922da3c3b0bcd2f4.jpg
go4kora.com/assets/articles/ 199 KB
199 KB 99ms
94ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/articles/c350984a80f047fe922da3c3b0bcd2f4.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18b5d6db36aafbc4d353dc2838a78108f28a29eba4ea7b57367ffc334b8d91ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206777
vary: Accept-Encoding
content-length: 203494
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 16:32:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "621661a2-31ae6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCIlV2YLy6t1Xpag6wwtQWtPZ83cf1jR89VD9myI%2BThndWy1rAGJ8TRXLFSNwJKz28zAdubivGPId8%2B3NXqlYIn8%2Bi7LHZ4iXkXl0fqhbwe8GQAApdn%2BGeFwlNAX0ex1irDLxqi5nvaP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c0c38bab8-MXP
expires: Sun, 14 Aug 2022 04:37:04 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
code.jquery.com/ 94 KB
33 KB 109ms
100ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
x-hw: 1660066602.dop008.fr8.t,1660066602.cds212.fr8.hn,1660066602.cds148.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 41ms
35ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 863
age: 438533
cdn-cachedat: 05/12/2022 03:05:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"5869c96cc8f19086aee625d670d741f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ab974bbdff20f42f093e27753bc66905
cf-ray: 7382416bfb4d0215-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 60ms
28ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9546c19f08970e5abddaa0b7ef13805b4106bd2eb1f9f87e946b6c83ce0ba7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ihUxdaefIaCi4WVZqmkbRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: axD0JxCokjA03tX5MUIj1eCzy8PVcneg3Gh8sxm7lSvPl1fCcvVI2As5HoaV/bTf+wNgt2ivu9qU19xFcJWQ/g==
x-fb-content-md5: 6468c5b7d3a61173b0f74f3dfbe01405
x-frame-options: DENY
date: Tue, 09 Aug 2022 17:36:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0f13df4bdf3639f5ace971ee779163a8"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Aug 2022 17:37:46 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
428 B 63ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Requested by

Host: go4kora.com
URL: https://go4kora.com/assets/css/home.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

384f1076cf595f437c5dcc4075ed9aa516a6b440216d0720241091954c5b9b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 17:36:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 17:36:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET
H3 200 impl.v15.1.0.js Show response
live.demand.supply/ 78 KB
25 KB 63ms
59ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.1.0.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2161790304578add0b3f6b09c8c0f9fde6ac3343d69570696e67c67dad0587c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G9JGC4SF2CTRKXGFMFC505EP
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 514318
cf-polished: origSize=79748
cf-ray: 7382416c6b75020d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"65772cc2934985b44975eb066669ea16-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 Z280a29yYS5jb20v Show response
live.demand.supply/p4/v14-3-0/ 916 B
710 B 113ms
109ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 005ed6344f7f734e86edad64325620de9d815dc45e59a2dc0ee94f2118376c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7382416c6b77020d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v20/ 32 KB
32 KB 62ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v20/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87849f221bbdc16a325dca3a1474301c20b365d2a27dce81ffe6ef2beb7eb44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 04:24:48 GMT
x-content-type-options: nosniff
age: 393114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33172
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:42:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Aug 2023 04:24:48 GMT

GET
H3 200 backWall2020.jpg
go4kora.com/assets/img/ 141 KB
142 KB 99ms
99ms Image
image/jpeg 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go4kora.com/assets/img/backWall2020.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/assets/css/home.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35697d74383d976566f50c4ea14e4fb2fa04efa4c25ae33584da0921341339fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/assets/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2206777
vary: Accept-Encoding
content-length: 144393
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Sep 2019 14:52:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d8244aa-23409"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwaHKKhJIQpvWWdD0H5d5tUhr5EN5kOr6HHfA%2FZC3ROZA9cuA8xFPZ2A2cOIx2shrWhj4kS5sZvsQVpKKoNqR98M%2F6c0VbNpbe0KlZgZGol%2FyV9PrA%2BDkn7ysGVBRlmZySNmMZongLEcKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7382416c7ceabab8-MXP
expires: Sun, 14 Aug 2022 04:37:05 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 35ms
35ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 73687
cdn-proxyver: 1.02
cdn-cachedat: 04/09/2022 08:19:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c1c1872861947edb5c235d05baf258e9
accept-ranges: bytes
cf-ray: 7382416c7c600215-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v20/ 29 KB
29 KB 67ms
30ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v20/SLXGc1nY6HkvalIkTpu0xg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2145070a8525d28e5c6e41f9502578728f6d98c9b302a508b8f1705b6e33015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 01:40:22 GMT
x-content-type-options: nosniff
age: 316580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29984
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:42:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 01:40:22 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 43ms
43ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=93&cs=c&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:42 GMT
cf-cache-status: HIT
age: 2243268
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416c8b300208-ZRH

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 97ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c03041233fafecb399ae66c43ec04a384c69b4fd40958f08b8ac2a41d066c982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51491
x-xss-protection: 0
server: cafe
etag: 3459258416474148233
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:36:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 36ms
34ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

ec15f98604211de09a04020860148a98124296e8ce00c461f5fded4eb0ff9d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28617
x-xss-protection: 0
server: sffe
etag: "1298 / 300 of 1000 / last-modified: 1660043424"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
469 B 42ms
41ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G8TS3EPSA8G94T2HQRDRRCW7
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 9938
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7382416c8b330208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 35ms
33ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 09 Aug 2022 16:56:08 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 2435
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, VIE50-P1
content-encoding: gzip
x-amz-cf-id: vF-hBI-ZK9ESI9u_KDILLTfK5EQup4H3aZ5A2TbUKU2rdxRA71C9WA==

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 33ms
31ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G8TRY2NE1JTRZA6H47X51ACH
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1045081
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7382416c8b380208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 38ms
37ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCV5QQ8PSXPP882MV0NZE
date: Tue, 09 Aug 2022 17:36:42 GMT
cf-cache-status: HIT
age: 2243268
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416c8b340208-ZRH

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 42ms
41ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G8TRY2NE1JTRZA6H47X51ACH
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1045081
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7382416c8b390208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 44ms
39ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QKX54JRFP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae645f5f80a8b9fbb9b5e3254782c4323ecc6abb0a437b59207ad0c887f3da53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72330
x-xss-protection: 0
expires: Tue, 09 Aug 2022 17:36:42 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
24ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2082
date: Tue, 09 Aug 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 19:02:00 GMT

GET
H2 200 hb_323494_13494.js Show response
player.aplhb.adipolo.com/prebidlink/461129/ 299 KB
92 KB 208ms
22ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/461129/hb_323494_13494.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 500721be4e20c81e26aa296758cb73ddc1fa6812d8c6aa7c24172140716a5a93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 20:20:30 GMT
server: nginx
etag: W/"62d7120e-4ab50"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 09 Aug 2022 18:36:43 GMT

GET
H2 200 wrapper_hb_323494_13494.js Show response
player.aplhb.adipolo.com/prebidlink/461129/ 790 B
734 B 252ms
67ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/461129/wrapper_hb_323494_13494.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c8976c4d485889d1e1c65ec9ec2514803b631984fba0d484f0e7668f4f7b5dd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 13:03:06 GMT
server: nginx
etag: W/"62f1098a-316"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 09 Aug 2022 18:36:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 91ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec15f98604211de09a04020860148a98124296e8ce00c461f5fded4eb0ff9d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28617
x-xss-protection: 0
server: sffe
etag: "1298 / 611 of 1000 / last-modified: 1660043424"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Aug 2022 17:36:43 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ar_AR/ 303 KB
86 KB 30ms
30ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js?hash=797c6d62ca6bf08af8d3c24b944812b9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5abe48dcdb90c0c378a336d003d62ef57a8e3dd457b14f1f91376a63b6ca6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 47vuKiNMQVTYY2oDHFi9AA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88103
x-fb-rlafr: 0
x-fb-debug: 6SZ53c66XpZLDc53N+2nry8gFOPH8GK0QkNUkepMSZJjJHS0MK/JGITLuh0VafiyMgV5H3F//amVl4KUYZaHMg==
x-fb-content-md5: 24d57f8ccccb7681738319cea4e66d94
x-frame-options: DENY
date: Tue, 09 Aug 2022 17:36:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d88e0f916752398bbda8b8bfad06bd80"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Aug 2023 16:57:47 GMT

GET
H3 200 invisible.js Show response
go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame 5278 33 KB
12 KB 37ms
36ms Script
application/javascript 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=7382416a388abab8

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413a2c072b0ce357aaf4ab7362ece7a78095bfe54826a3fad15449664f498d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwtsImx0wli9zMOPT3g6LL8QSHHA%2BWeTxu6%2FtZ6vH5hNeyoZrEZU0SaKsK4Awlb%2F6cDyapYw%2FWierajs83CQEJVXN14soui6dCcK6qQy%2FiY40kwu2VFNlQuL95E2e0uJxpPPygazMpSK2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7382416cfddfbab8-MXP
vary: Accept-Encoding

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1683728348&t=pageview&_s=1&dl=https%3A%2F%2Fgo4kora.com%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUAB~&jid=&gjid=&cid=1717641412.1660066600&tid=UA-117897648-1&_gid=1227886710.1660066600&gtm=2ou880&z=678744554

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:07:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 42ms
42ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=um&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCV5QQ8PSXPP882MV0NZE
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416d6cf10208-ZRH

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 44ms
43ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=od&pp=BODY&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCV5QQ8PSXPP882MV0NZE
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416d6cf70208-ZRH

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 386 B
741 B 51ms
48ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgo4kora.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:53:15 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
age: 17007
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-P1
content-length: 386
x-amz-cf-id: 52EVQVfCH2yLdmC4DGOksojAwKHNsA1_6bG8fZfhtRLB3LoTcV4mFA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 386 B
741 B 53ms
50ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgo4kora.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:53:15 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
age: 17007
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-P1
content-length: 386
x-amz-cf-id: KBaHBswO91dh9jDTrRQ05RbuwKiTG8mn-S1B-tLIQdAJNRSvs5V0TA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 125ms
34ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 50165
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Tue, 09 Aug 2022 03:40:39 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: u5Ig3cK378XfMbemM54PkKhu1xFxSMWBc8iq9YI8D3Lnr3z6bMbpxw==

GET
H2 200 pubads_impl_2022080401.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 367ms
22ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132985
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Aug 2023 17:20:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 402 B
199 B 108ms
50ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1e12ddb6fc625e5f233e0e7a8bb77158eda1e8d3b458c9a0c2e5cefea100cc2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174
x-xss-protection: 0
expires: Tue, 09 Aug 2022 17:36:43 GMT

GET
H3 200 go4kora.com_fluid_sky+sq Show response
live.demand.supply/cp/ 29 B
257 B 212ms
210ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/go4kora.com_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb23442d9aab508270460d7521347631932bb67c903292ada4092e1e1e8c4494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7382416e5eb00208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 go4kora.com_fluid_sky+sq Show response
live.demand.supply/cp/ 29 B
257 B 212ms
211ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/go4kora.com_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb23442d9aab508270460d7521347631932bb67c903292ada4092e1e1e8c4494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7382416e5eb30208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 go4kora.com_fluid_sky+sq Show response
live.demand.supply/cp/ 29 B
257 B 223ms
222ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/go4kora.com_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb23442d9aab508270460d7521347631932bb67c903292ada4092e1e1e8c4494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7382416e5eb40208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220804/r20190131/ Frame FE04 10 KB
5 KB 87ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220804/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 11:11:54 GMT
etag: 8616628553774171045
expires: Tue, 23 Aug 2022 11:11:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 42 KB
12 KB 172ms
52ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 2928
x-amz-server-side-encryption: AES256
x-amz-request-id: TVF7JZ8T34YNK6DD
x-amz-id-2: ePgRPmCOfv9+u6G5pcHq6d8LGHZOay6xaSVAX2GShFkf9F0JlsKLMJ3vf+U3bwe0KiUXgVf9ttU=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7382416f9c5923c7-ZRH

GET
H3 200 pica.js
go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 5278 22 KB
8 KB 38ms
38ms Other
application/javascript 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f1c274749e30de85a7f0dc448b2097577dbf443299da69994b70a644095b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6t7HYPZcg0xoVYexYbzd2U%2Fv9tNrowlcMKVbtXhWl6PJxfgW9tDLSgBssuQa%2FUj%2BnscWglAKBeAthY7umGXgGDVYvPOT%2BWLnghH3f8LLt2gH%2FCf73OQmiLHmb8OZYVv3Sn9WuxNir44MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7382416ef97ebab8-MXP
vary: Accept-Encoding

GET
H2 200 hbw_master_323494_13494.js Show response
player.aplhb.adipolo.com/prebidlink/x461129/ 80 KB
27 KB 21ms
21ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/x461129/hbw_master_323494_13494.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461129/wrapper_hb_323494_13494.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 47effef349d2218144c2822eb0ac9eafdf6a62d520f72708c83ffb0b0e31f1d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 13:03:06 GMT
server: nginx
etag: W/"62f1098a-13e02"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 09 Aug 2022 18:36:43 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 153 B
420 B 401ms
38ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461129/hbw_master_323494_13494.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6c00f268685b8a576d1307fab673f36330a258b36d1d4afb50232c01ca2a388f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:42 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://go4kora.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 153

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
430 B 380ms
30ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=323494&site_id=13494&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fgo4kora.com%2F&adid=mgsiye.8d&features=81952&vpbv=N077&tte=379&lifecycle_tte=801
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461129/hbw_master_323494_13494.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:42 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://go4kora.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 70ms
66ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pdc=0.3201713145750092&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416fc9550208-ZRH

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 72ms
69ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=go4kora.com_fluid_sky%2Bsq&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCV5QQ8PSXPP882MV0NZE
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416fc9580208-ZRH

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 71ms
67ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pdc=0.3201713145750092&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416fc9590208-ZRH

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 56ms
54ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=go4kora.com_fluid_sky%2Bsq&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCV5QQ8PSXPP882MV0NZE
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416fc95c0208-ZRH

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 153 B
620 B 96ms
95ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgo4kora.com%2F&pr=https%3A%2F%2Fgo4kora.com%2F&pid=bzg1iw8uKcFdM&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22go4kora.com_fluid_sky%2Bsq%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

6898a0f542f6b250432efe271ac4f26126f96b75f0b3e89e64cc849380b83da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: Q3RRV84XM1GKA6D6RTME
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 153
x-amz-cf-id: ecyNrBPVsEHJhDEBlVZXW2845KU5SbQHte4Ia8v54nZTW33pyd-uCg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 153 B
621 B 77ms
77ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgo4kora.com%2F&pr=https%3A%2F%2Fgo4kora.com%2F&pid=bzg1iw8uKcFdM&cb=1&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22go4kora.com_fluid_sky%2Bsq%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

d30f547f8f24b06d0af53229918a5f6dc34597adcca6126e7c4fe5da3f6ac9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: TEPVSK7B4S5AE3WH9A0J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 153
x-amz-cf-id: DpCgn-1NKNSVr5E4eHPhSbri44_3Xmd4YJ5vDVrRRkG7NIRQwqipWg==

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 56ms
55ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pdc=0.3201713145750092&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416fd9860208-ZRH

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 59ms
58ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=go4kora.com_fluid_sky%2Bsq&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCV5QQ8PSXPP882MV0NZE
date: Tue, 09 Aug 2022 17:36:43 GMT
cf-cache-status: HIT
age: 2243269
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382416fd98a0208-ZRH

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 153 B
619 B 89ms
89ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgo4kora.com%2F&pr=https%3A%2F%2Fgo4kora.com%2F&pid=bzg1iw8uKcFdM&cb=2&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22go4kora.com_fluid_sky%2Bsq%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

5f0599bf03c1e5534ac220bbfeab3aa6d4edbd53bee71a907e208584388b6a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 0RS888BJEYP6A92QYAS2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 153
x-amz-cf-id: D9N2bddpPWpfU3UzZAsSxsyyh6F_HLrxoGOBY8b31UGmRBdgyfDiBA==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
325 B 100ms
18ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533569.ip-162-19-138.eu
Software: /
Resource Hash: 308fbe00ee08322186222944225e8d7e6cf7b2a0b8809e89dc01b879a530dc54

Request headers

Referer: https://go4kora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Tue, 09 Aug 2022 17:36:43 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
325 B 92ms
19ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533569.ip-162-19-138.eu
Software: /
Resource Hash: a47b00a3edc66ea6232ec60639b7b46eef15e6b8ee62360b236aa35ce3ae2a9c

Request headers

Referer: https://go4kora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Tue, 09 Aug 2022 17:36:42 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H3 200 7382416a388abab8 Show response
go4kora.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 5278 2 B
751 B 81ms
80ms XHR
text/plain 2606:4700:3033::6815:125b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/cdn-cgi/challenge-platform/h/g/cv/result/7382416a388abab8

Requested by

Host: go4kora.com
URL: https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=7382416a388abab8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:125b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcTc4BkhvDANF4QWkmZqcUsamQV2eMdv%2F9swpnhsff1DY3DLuJm8Hm8BnocngYxf19AwNwi6%2FeB5IR%2BZzUgViY0xsNkEBSfVYlh8Q0lMjaduiIT0%2B3Aup7tKXrfkZPm4V%2BZUkkyNKNhQ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 738241718e75bab8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200 1113.json Show response
id5-sync.com/g/v2/ 213 B
618 B 114ms
20ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1113.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

a8300b8873caadfd69f574c1f754ecba4e6a0f171cbe8f4e5853a601c05f5c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Tue, 09 Aug 2022 17:36:43 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

POST
H/1.1 200 1113.json Show response
id5-sync.com/g/v2/ 213 B
618 B 114ms
20ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1113.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

ba9e7964446abcfe0f2c48e32f8774f465e0d814135e785c7cd2dcd784679c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Tue, 09 Aug 2022 17:36:43 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame AA28
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_rbd_cnv_n-Outbrain
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_rbd_cnv_n-Outbrain&dcc=t

65 B
686 B

44ms
43ms

Document
text/html

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_rbd_cnv_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 09 Aug 2022 17:36:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 922NBRC08S1X7D41RQ1M

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 09 Aug 2022 17:36:43 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_rbd_cnv_n-Outbrain&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: GXEW86TWSC6NMXCGEN1M

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 143ms
16ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fgo4kora.com%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461129/hb_323494_13494.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c5594dab17becf2a34b8e73ea303617d9bc9a43e1b0a195485c98ba3e3c6c89

Request headers

Referer: https://go4kora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 00:02:13 GMT
server: nginx
etag: W/"62f1a405-2ac1"
content-type: application/json
access-control-allow-origin: https://go4kora.com
expires: Thu, 11 Aug 2022 17:36:43 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 140ms
24ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 88ms
25ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 610ms
308ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=4292575379205407&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=1&adks=2825964077&sfv=1-0-38&fsapi=false&prev_scp=test%3Drefresh%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601254&lmt=1660066601&dlt=1660066600158&idt=961&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d824de74a1aec724cac63514adebf10537f6d64d9edb386aa667bff6843a35cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10938
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
33 KB 698ms
397ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=890909613237064&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=2&adks=2286340821&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601260&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f6ffb05de96c39e8b9abc8240508277f386923b5752636a4749204df8c7dc596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33519
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 690ms
389ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=2003786774641077&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=3&adks=2175863527&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601263&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

cbbfdeab8e09ee88521302ac05fc92c17d92480a483b8403fcc56aeeb13a07bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9249
x-xss-protection: 0
google-lineitem-id: 5816136471
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374459542
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 681ms
381ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=751429446697054&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=4&adks=1025159968&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601265&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9221909d9686d5e918ad9dcc0922aeae68e439454afdbcb4f458c37c83d4b8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10183
x-xss-protection: 0
google-lineitem-id: 6074156355
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138399372974
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 613ms
312ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=3579846953647079&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=5&adks=1438974535&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601267&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b9e7d34ce1371dca3666efaa9b79de53408b449e6043e1fdd8080f1af7f37d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9558
x-xss-protection: 0
google-lineitem-id: 5778121850
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138361598025
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 508ms
208ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=513269523336219&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=6&adks=3042874566&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601269&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

921c5d109ce57de3e7ea7a8373d1711028f8d20a485d280f96937d60144b1c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9902
x-xss-protection: 0
google-lineitem-id: 5778121850
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138361598025
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 1020ms
718ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=3733057803418750&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=7&adks=1499806689&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601272&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

294020b8f2b233aeef595d667a355d73afdae7a3bfbffac45f5ba155609474ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10524
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326745802
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 418 B
407 B 567ms
266ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=1571784923596492&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=8&adks=3940055961&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601275&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b0165c9846c32fe3e6a8db3dcd5123506e661f5a732fcafe6319705b0686603a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
416 B 703ms
399ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=3455705606555490&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=9&adks=72340997&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601277&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f377617539fc9498b7c81e50ba9dbc082b0817b499afb35041d7a114c247e5d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
415 B 606ms
303ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=2314229375266276&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=10&adks=2201913070&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601283&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d0879b3d53303a13607f3a5646aee077553c2ae33b80bd06fdf2a04432800fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
411 B 606ms
303ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=2946175163654295&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=11&adks=1011234766&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601285&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

850cf8562f66555daa36c5ff91f568e643f7be3cf5bbc48e68796e4cd8102223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 100 KB
34 KB 639ms
337ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=293902574164472&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=12&adks=1000061626&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601286&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0a73ad77324185bb7095d2897f074fb080621063a489ccf689ad93870d79c15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34876
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
27 KB 637ms
335ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=3730057973035089&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2Cb4620e87-ee52-4f3a-a455-b7e3deeb67dc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=13&adks=1634542020&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=ti%3D5553379c-9d39-4e51-aef5-4f8f4341a98f%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D96&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601288&lmt=1660066601&dlt=1660066600158&idt=961&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

57089689126b47c8e42e684357e6eac97e7638084be7ecd7fae638abd5dbf7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27449
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
22 KB 972ms
670ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=3131895769897541&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2C83fac26d-2452-4838-a410-3df406a76342&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=14&adks=2005084574&sfv=1-0-38&fsapi=false&prev_scp=ti%3D5553379c-9d39-4e51-aef5-4f8f4341a98f%26bid%3D0.17%26bid-p%3Dgoogle%26bsc%3D96%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601290&lmt=1660066601&dlt=1660066600158&idt=961&adxs=346&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

c9b2a12125a892485cf2b062432ee7939d67791de2a2e86afe7094eb44db202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22568
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 702ms
400ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=859055918323317&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2C83fac26d-2452-4838-a410-3df406a76342&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=15&adks=2005084573&sfv=1-0-38&fsapi=false&prev_scp=ti%3D5553379c-9d39-4e51-aef5-4f8f4341a98f%26bid%3D0.17%26bid-p%3Dgoogle%26bsc%3D96%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601293&lmt=1660066601&dlt=1660066600158&idt=961&adxs=346&adys=176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a08c600ee8a9c327dff5b3618845a0e8c1a4b01d8f65c29ccaaafbad2b73d656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10104
x-xss-protection: 0
google-lineitem-id: 5564063708
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 573ms
272ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=4455412509322939&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2C83fac26d-2452-4838-a410-3df406a76342&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=16&adks=2005084575&sfv=1-0-38&fsapi=false&prev_scp=ti%3D5553379c-9d39-4e51-aef5-4f8f4341a98f%26bid%3D0.17%26bid-p%3Dgoogle%26bsc%3D96%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660066601296&lmt=1660066601&dlt=1660066600158&idt=961&adxs=346&adys=2462&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

80853d72189c751312b7656869e6dcb721765e8328a9fb5a02f738145cc05792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9806
x-xss-protection: 0
google-lineitem-id: 5564063708
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAFC 6 KB
4 KB 137ms
24ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:36:44 GMT
expires: Wed, 09 Aug 2023 17:36:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads_2022080401.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 330ms
29ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 10:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13600
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 10:39:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 100ms
64ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff0677672f113b5be04b41117f504b9fe2deb4b20c9f8b91af009b84f22e3077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10984
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1683728348&t=timing&_s=2&dl=https%3A%2F%2Fgo4kora.com%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1740&pdt=3&dns=0&rrt=1&srt=243&tcp=0&dit=440&clt=440&_gst=377&_gbt=492&_cst=376&_cbt=374&_u=QACAAUAB~&jid=&gjid=&cid=1717641412.1660066600&tid=UA-117897648-1&_gid=1227886710.1660066600&gtm=2ou880&z=406322113

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:07:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16139
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1193ms
1142ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 17:36:45 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 43 KB
12 KB 30ms
29ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 2852
x-amz-server-side-encryption: AES256
x-amz-request-id: D9YQ80QFKB999RSY
x-amz-id-2: jlwtikg21QemrnFkusyy5OZ568LT8cfM7trwbzhTwLKYN87WyEuUtDVKSee++ZcLdLBsIi0Buk4=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"ce8697e279fcae53e3ebebe92f9e8909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 73824176886f23c7-ZRH

GET view
securepubads.g.doubleclick.net/pcs/ Frame 6128 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6128 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 57ms
25ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 60ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 593ms
292ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=952295326542258&eid=44767022%2C42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2Cd5750738-e682-415f-819e-35e0af9a37c2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=17&adks=1116099808&sfv=1-0-38&fsapi=false&prev_scp=ti%3D5553379c-9d39-4e51-aef5-4f8f4341a98f%26bid%3D0.03%26bid-p%3Dgoogle%26bsc%3D96%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8a7dbdda62608c23-22d9e109ebcd004b%3AT%3D1660066604%3AS%3DALNI_MZ4xRYB5KpnVbrrhYzdku_E_sreZQ&abxe=1&dt=1660066601901&lmt=1660066601&dlt=1660066600158&idt=961&adxs=346&adys=2462&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bedafae3621e003754e213eafe5569c5fecc409906d14d64939caf54be012b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11168
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B690 6 KB
3 KB 49ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:36:44 GMT
expires: Wed, 09 Aug 2023 17:36:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 48ms
17ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Tue, 09 Aug 2022 17:36:44 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H3 200 container.html Show response
8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F681 6 KB
3 KB 21ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:36:44 GMT
expires: Wed, 09 Aug 2023 17:36:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 50ms
50ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=3&r=go4kora.com_auto_interstitial_desktop&sy=e31f4238-04e7-4f87-a62c-8c4b83ff5595&ts=96&cd=2&pud=93&pus=c&pue=351&pid=81&pis=c&pie=431&ppd=114&pps=a&ppe=465&pad=121&pas=c&pae=490&pcl=443&ttc=658&tti=2051&ttif=0&lca=465&lcak=ppe&lct=490&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=5553379c-9d39-4e51-aef5-4f8f4341a98f&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:44 GMT
cf-cache-status: HIT
age: 2243270
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 738241771ecf0208-ZRH

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BBA6 624 B
300 B 93ms
47ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLati8wBMAE&v=APEucNXryEKlb2nC3gk3UzMQGTekVN5XTDyBr-NfP1qdcYoDBBuydbk73kuKlvjlMZ9K25I7uViwa0UBpl-idq2Ofn-BKP8TiOdX3eSrTrPxQqN_v9cxpDlnXszeqrdkSg7tPw6KSvkwEJWpHZ2j2wl4EgUBAy_BvmKe3RXw5GWx1frP4OWTySo

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:36:44 GMT
expires: Tue, 09 Aug 2022 17:36:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B690 14 KB
11 KB 101ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9RISOENfWCoIXBca2kVir87ZbHwNryBOu_AtflnT4lkMSgaz4WniD9LU6NK4tW7Y0Qyyhs5R7vbzK4eNZVXe93Yk7nNQjNnCb5SoSnRvTEKRZ5JaDOKOyiFrfwAjWP9pMC6K75rpdeb1iaSJfvGeWYsarMA&cry=1&dbm_d=AKAmf-DmMYsDqlSXWaMeMe_Vhp9WS2QUvnuGpKFfVjNSOaX3R0uICWx6f8AnIhnuMRBm4ryFd1Gq3OHyqJeUdcTmeRMpEkUP0knHZC2ghvVdRaZe2LFDE8uMu6rOakRrXPZ_sgapvpA0hdeY8jv4c9HfFjGbllqUUIq1Vnvl6W3nBhVdTk94X3tnN1kDnz8R_fLbWp_lC6xoYoTX8GF8O6PvhfIihRndeCBC8OzcCzHhnjS1H7LSb5HtPbuUgWopI-2ahbWNE0lb980cn8AuEFxyXnJVDani0FVAxKYl3PlJqrVyv9tBTg-v4v91v5-DcohsXodKsNVG0SAH_3hjExVs2WJIbaVKrucZh8Qd1RabVxEyLwC7OpkFMv6jLGMVrl5JAmUezx7NFtiqux6bzE7KIHS-26URzWbGtFgk11SDh41jOHZ_3P0j9SzMUK-LrWNQy5r-cgfhqMyqHPj3eWL8ygIgIijMCHrsoPPshPZc23vRru6o8i4-A1lLQ_-F-rCAl_jq0nz4pMGslGUfGV4FCAOKpCeYwu_tUERVjsFMT4tsV_szv0T-lK_uxZEJo8W4uRQcr_43IIsSZEMD5OdKf2K2faIJXFbbDdQvyAjDTDjzUesF4AllY2cgxIh0ljEwLTQo2YYTYXKlLrmJWVXN5-HfgP6ck3uKcuh438wAphoi8x5b4oxjVWeQYyTglOUQBX9k1mU4DDj0PmeETheDsSFEJvKR47VhwialPHGv7brEe-mDZwyr2ZhYgQlJmMxmhpxqaZPy80Tp8Cswf54BU8WDUjQIxb-ojgxh-DjNOX1VwNMp1wujHInHROxA3OFFBBc9VmqoBrxhrF3v26r4mY3h9iLiGn6dc5a-_-KfpMEgbzl7LMjURg3eMvp9XwIB6rQodAxo0kGV6G22ch1qnwuVRk9zOyHT3WsnT1gcF2OyHoIeXSwcapZiYmPMJYNa4ssnzrzBTzslBJ1oXWwkeeh9r88mxkbtC6JJN-U6a-e9_k5B555fLGfQ44IkXFsQp1-YMK7Exgg8tA0wDDQO8oMKOIOcKhCydkIOkbDwsEhUpBsvNQu7oqDd0NWrN9ie1IVCnuqKgpTfA2qxijnpA7jHFIeCXf4muUM8R17TBe0OI7s1rx9gpyQvAC62fk5WUyM38c-vOukTmzjwVwmxuvxIVNLpHYnyL5CJ8fu9_xufEx1D4fyIQiMWTQYjHhsHWn1xYrFSs-wkV-hbJ-UVsBhstoKUJw4ID5b9PeTL7C38E0B-Ya83wyFygWjsV_lledJ7ScHoXxy30-1i-g_pqRMnvd3y2Cbw51pAIfsvc6EaQFTVHttBWG_leUgTmLBHqFEboWVs_cVkZuj_TDo_lxh1GEeb2Pl0PiJjMtA_5tDwJjv-clQMFKXe0Trzn3c4jlpwHDz5PjJWXeKeVyvLaQnD7InpcibYsXnwgR7Fr5frtxoHRtsedWlBHb4-to1ICwepwAJbXqQgoUUVfWm2qvi8FCQAwQBFu3JNxCtahRnk2GJ-KhfaFwewrsDYhx6hTPJgvOIj7tdaL3-xhzVy26j-Qb74kMQH8rIgQsE8z-Vrf_B9G_mmUJ6qiaxnRHvFYxmw8kCZYD00fV90gJdD0aPHknKcQCkW3LpN9EHO3oyedB3NFNyesWXn8APLgJvCbanBU-a9NiHKi5u-3ZUsxMSy6W4UdWB_u1nNYDFOx5qXCzyvd5KNgtV9MJQS66BxiVYlU7p6uTIEHMWxJEuwy9hZ4TPqyXB0C6mY9qiK--oDWA-U365b2JzEKnwvMCyj9fWLJqgKt_LwezK7iP-5NjAbDc7e2NtiEN8EdbbgVvucBsR9vH_fFwQlO8GodL3-39ErRRjKmBbJbrGyhHjVqwzuCNf5Z_nOKLkB0Jl1y8kp_9VqLwZFkZB1gg5Rd-cWpWG1CcL5oz5_uwP5MXTOY4vvZdE3qfKfYwEK6-f7doR_DECuCwWGes2NAlWna5WcRjYKBh1p-txUYyieB7tifro8ZrPt8CRp3cBM8rK2KNiGjaeg8lUT5RyCmXU88b-h56y8csv4CKnfc7qmUfZrTlC7HEFfoOLpawKABWFn6T-wklcTvnjqvv9cBNxfnmV3F_6aSnxq1fIsthLWJpUuH0hwxl3CCCARF80_x34TjWAXh26Or2no8ZBlfwzGvnevOoxXvNQOyGkTmrM0jEit1SzNeKdwMG2TIqqq4jdkWXC0b96BsZOjkefOscZ4eNOj6HQcs32EKjQR0k3lixd8_pgim0DZvKqF1dhkR2E5IUSx-7CGw_UT05nA2kU0440n7PjfnTb-jk9Eb-FyILcjI3bVv8gAuYdeBxyndfNL4LwVVSdbi16pIQOz8SIMHrGbxHoqbkSAETGAoG2fQ81iDHqzM2gCSyN98A0LDofexTUOJs1hTxCqdfsAHi2dApsZN6FeYR3AtwZ4kOXZ0Ye70ySdEzIk8a3MaEK-ElvzxvQNCHbzlvy1Y0bPCraItMlcHq7g-l-TrWe48jGWfthdREmp0leYNuXE-w76Xbx9BQ19-RmMavZAef3JLmHGPvI3HpbT4e2Ict908JbeNRBv4MxXKbirwW6R5Wc033P199u6owWvGVlmxQsh5vBvfM5aPws3G2mT72ygkOA0UJpI0j1JG8nAXPVohbFiOcPPQ_a_jRpPe_trlmhA6WEs6CF002wbd9gvmVw9bHZF2v7QcjwLg9MEY9LJXEVy6ZV3e9-qnH9BD9NzMFda2ZSXYH9NKVzzyhsDlTX2w9-LZyF3e8Jxl_8PXmhM-pSinyH5JSIgCEs4XJ47LQJ5ldvMOR0tPvFjAf4hd3rR4a1MNQ0OwZ7v-bRAUow1J5TrdfJB8Q4dggCq1OrIZu_M6zTg-MbN6YgApKGI7G10XwWZ7GqQX7K6YzDNhG1DHI_dwHeS4EUNqNJQLHBTbnC86wuPV6VkkZ7lVJtX7GVtCSr-xxUYCCKFCfdbABAXXOfiBjXKwzskn1mxaS7OrUttCsOYwQ1h7PhrUYgai1FStJ-7i52n9q67s2JxIsT-VcOwusjSRZuptCs2R4UVBXW4fNT7jU7I8ffjTg8XNLo4IAv75TDIS7s1AKhhGUhTwY54_9lr8jzYGFnQksMv0WEO7R3_nCgha8xugTFeD1Wvc_Zsm5Qc1glG6r7DaSXZC9nQ4rRFf0xsA6oXIrJEol5oH12k9EMDFCU9t-CL7sgPLpDW8gdn9IHnACzEw4zbyoiwHVIxoMjYJAiheXpJt4NK2Ks1h2XyK5WchOsgWpgDtXgK25Zp5eu5RS-JkBkWt60XK8f38pSS__-n9e1KYsYDB8tTTYDNpZG3BxIk&cid=CAASJ-Ro2im-0HiwnyTLDr13pGnvUb28Fn1rM2YG1IV46KFCxTJPhWGMnA&rfl=1%2Chttps%253A%252F%252Fgo4kora.com%252F%240

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a983fe15e3e7ca34e624f71f34a2d5a879ecfc05a1542b8128f04c11ffe9492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B690 42 B
63 B 57ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DybzV-yosQUK7sNOrRJuv7GwFI67W_9urBnbUggBst85hqJ0m5iHsFSTQtNLUN3sDJCP0TarIHuwZGTaJvKZurLDE0oH2jJ0Kbdb2emtLok-LxyJA

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame B690 2 KB
1 KB 791ms
341ms Script
application/javascript 2a02:26f0:f700:2a3::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184716&plc=6565985&sid=18330&dvregion=0&unit=728x90
Requested by: Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:2a3::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 08:29:57 GMT
Server: Microsoft-IIS/10.0
ETag: "f8e0a365b799d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame B690 3 KB
1 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:25:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B690 140 KB
43 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 17:36:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame B690 17 KB
8 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:30:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B690 0
0 478ms
29ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPo1CN7NppkOQJlzySpdD9dVvLYsdy31LC7ijD_XkK8dzJpKeKoHoAnIE6ENOsVv9X1AVlHMHVX2G_kIPns0u1ke81_g
Requested by: Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame F681 4 KB
636 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 16:25:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 17:36:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 17:36:44 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame AE7D 23 KB
10 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:26:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AE7D 8 KB
716 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 16:19:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 17:36:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 17:36:44 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame AE7D 14 KB
3 KB 446ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.css

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 10:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:52:45 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame AE7D 356 KB
123 KB 447ms
19ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b0c868e05a8b05c5653a259a40647d60b3cfea7ed14903beaf1298d72e519fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126003
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 10:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:52:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame AE7D 17 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:30:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AE7D 0
0 463ms
29ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpzO1aOcZ20pWk2RkoPuxZDtcDqV0_KUAcN1a0UD003CjfdinzcopmDZXwNt0UBBbJhB5CRDbGCIfRrom-0qN3d0NBBA
Requested by: Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/ Frame F681 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8392
x-xss-protection: 0
server: cafe
etag: 14983445617412810031
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 16:46:27 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 5BC3 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BC3 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
23 KB 607ms
306ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768919082520376&correlator=2819406461698683&eid=44767022%2C42531605&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2Cd5750738-e682-415f-819e-35e0af9a37c2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=18&adks=1116099822&sfv=1-0-38&fsapi=false&prev_scp=ti%3D5553379c-9d39-4e51-aef5-4f8f4341a98f%26bid%3D0.03%26bid-p%3Dgoogle%26bsc%3D96%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D5c8ad1c970fee913-229ffc19eccd008b%3AT%3D1660066604%3AS%3DALNI_MZV9cnBmD8cIISjtqHMj7jTKrYsYg&abxe=1&dt=1660066602056&lmt=1660066602&dlt=1660066600158&idt=961&adxs=346&adys=176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=1717641412.1660066600&ga_sid=1660066601&ga_hid=1683728348&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiFuLidqDBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ca64723ef7c779fc9f11641414aa03cac5aecfe79cfdc2b540f9b148b809a857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23690
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B690 41 KB
15 KB 316ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9RISOENfWCoIXBca2kVir87ZbHwNryBOu_AtflnT4lkMSgaz4WniD9LU6NK4tW7Y0Qyyhs5R7vbzK4eNZVXe93Yk7nNQjNnCb5SoSnRvTEKRZ5JaDOKOyiFrfwAjWP9pMC6K75rpdeb1iaSJfvGeWYsarMA&cry=1&dbm_d=AKAmf-DmMYsDqlSXWaMeMe_Vhp9WS2QUvnuGpKFfVjNSOaX3R0uICWx6f8AnIhnuMRBm4ryFd1Gq3OHyqJeUdcTmeRMpEkUP0knHZC2ghvVdRaZe2LFDE8uMu6rOakRrXPZ_sgapvpA0hdeY8jv4c9HfFjGbllqUUIq1Vnvl6W3nBhVdTk94X3tnN1kDnz8R_fLbWp_lC6xoYoTX8GF8O6PvhfIihRndeCBC8OzcCzHhnjS1H7LSb5HtPbuUgWopI-2ahbWNE0lb980cn8AuEFxyXnJVDani0FVAxKYl3PlJqrVyv9tBTg-v4v91v5-DcohsXodKsNVG0SAH_3hjExVs2WJIbaVKrucZh8Qd1RabVxEyLwC7OpkFMv6jLGMVrl5JAmUezx7NFtiqux6bzE7KIHS-26URzWbGtFgk11SDh41jOHZ_3P0j9SzMUK-LrWNQy5r-cgfhqMyqHPj3eWL8ygIgIijMCHrsoPPshPZc23vRru6o8i4-A1lLQ_-F-rCAl_jq0nz4pMGslGUfGV4FCAOKpCeYwu_tUERVjsFMT4tsV_szv0T-lK_uxZEJo8W4uRQcr_43IIsSZEMD5OdKf2K2faIJXFbbDdQvyAjDTDjzUesF4AllY2cgxIh0ljEwLTQo2YYTYXKlLrmJWVXN5-HfgP6ck3uKcuh438wAphoi8x5b4oxjVWeQYyTglOUQBX9k1mU4DDj0PmeETheDsSFEJvKR47VhwialPHGv7brEe-mDZwyr2ZhYgQlJmMxmhpxqaZPy80Tp8Cswf54BU8WDUjQIxb-ojgxh-DjNOX1VwNMp1wujHInHROxA3OFFBBc9VmqoBrxhrF3v26r4mY3h9iLiGn6dc5a-_-KfpMEgbzl7LMjURg3eMvp9XwIB6rQodAxo0kGV6G22ch1qnwuVRk9zOyHT3WsnT1gcF2OyHoIeXSwcapZiYmPMJYNa4ssnzrzBTzslBJ1oXWwkeeh9r88mxkbtC6JJN-U6a-e9_k5B555fLGfQ44IkXFsQp1-YMK7Exgg8tA0wDDQO8oMKOIOcKhCydkIOkbDwsEhUpBsvNQu7oqDd0NWrN9ie1IVCnuqKgpTfA2qxijnpA7jHFIeCXf4muUM8R17TBe0OI7s1rx9gpyQvAC62fk5WUyM38c-vOukTmzjwVwmxuvxIVNLpHYnyL5CJ8fu9_xufEx1D4fyIQiMWTQYjHhsHWn1xYrFSs-wkV-hbJ-UVsBhstoKUJw4ID5b9PeTL7C38E0B-Ya83wyFygWjsV_lledJ7ScHoXxy30-1i-g_pqRMnvd3y2Cbw51pAIfsvc6EaQFTVHttBWG_leUgTmLBHqFEboWVs_cVkZuj_TDo_lxh1GEeb2Pl0PiJjMtA_5tDwJjv-clQMFKXe0Trzn3c4jlpwHDz5PjJWXeKeVyvLaQnD7InpcibYsXnwgR7Fr5frtxoHRtsedWlBHb4-to1ICwepwAJbXqQgoUUVfWm2qvi8FCQAwQBFu3JNxCtahRnk2GJ-KhfaFwewrsDYhx6hTPJgvOIj7tdaL3-xhzVy26j-Qb74kMQH8rIgQsE8z-Vrf_B9G_mmUJ6qiaxnRHvFYxmw8kCZYD00fV90gJdD0aPHknKcQCkW3LpN9EHO3oyedB3NFNyesWXn8APLgJvCbanBU-a9NiHKi5u-3ZUsxMSy6W4UdWB_u1nNYDFOx5qXCzyvd5KNgtV9MJQS66BxiVYlU7p6uTIEHMWxJEuwy9hZ4TPqyXB0C6mY9qiK--oDWA-U365b2JzEKnwvMCyj9fWLJqgKt_LwezK7iP-5NjAbDc7e2NtiEN8EdbbgVvucBsR9vH_fFwQlO8GodL3-39ErRRjKmBbJbrGyhHjVqwzuCNf5Z_nOKLkB0Jl1y8kp_9VqLwZFkZB1gg5Rd-cWpWG1CcL5oz5_uwP5MXTOY4vvZdE3qfKfYwEK6-f7doR_DECuCwWGes2NAlWna5WcRjYKBh1p-txUYyieB7tifro8ZrPt8CRp3cBM8rK2KNiGjaeg8lUT5RyCmXU88b-h56y8csv4CKnfc7qmUfZrTlC7HEFfoOLpawKABWFn6T-wklcTvnjqvv9cBNxfnmV3F_6aSnxq1fIsthLWJpUuH0hwxl3CCCARF80_x34TjWAXh26Or2no8ZBlfwzGvnevOoxXvNQOyGkTmrM0jEit1SzNeKdwMG2TIqqq4jdkWXC0b96BsZOjkefOscZ4eNOj6HQcs32EKjQR0k3lixd8_pgim0DZvKqF1dhkR2E5IUSx-7CGw_UT05nA2kU0440n7PjfnTb-jk9Eb-FyILcjI3bVv8gAuYdeBxyndfNL4LwVVSdbi16pIQOz8SIMHrGbxHoqbkSAETGAoG2fQ81iDHqzM2gCSyN98A0LDofexTUOJs1hTxCqdfsAHi2dApsZN6FeYR3AtwZ4kOXZ0Ye70ySdEzIk8a3MaEK-ElvzxvQNCHbzlvy1Y0bPCraItMlcHq7g-l-TrWe48jGWfthdREmp0leYNuXE-w76Xbx9BQ19-RmMavZAef3JLmHGPvI3HpbT4e2Ict908JbeNRBv4MxXKbirwW6R5Wc033P199u6owWvGVlmxQsh5vBvfM5aPws3G2mT72ygkOA0UJpI0j1JG8nAXPVohbFiOcPPQ_a_jRpPe_trlmhA6WEs6CF002wbd9gvmVw9bHZF2v7QcjwLg9MEY9LJXEVy6ZV3e9-qnH9BD9NzMFda2ZSXYH9NKVzzyhsDlTX2w9-LZyF3e8Jxl_8PXmhM-pSinyH5JSIgCEs4XJ47LQJ5ldvMOR0tPvFjAf4hd3rR4a1MNQ0OwZ7v-bRAUow1J5TrdfJB8Q4dggCq1OrIZu_M6zTg-MbN6YgApKGI7G10XwWZ7GqQX7K6YzDNhG1DHI_dwHeS4EUNqNJQLHBTbnC86wuPV6VkkZ7lVJtX7GVtCSr-xxUYCCKFCfdbABAXXOfiBjXKwzskn1mxaS7OrUttCsOYwQ1h7PhrUYgai1FStJ-7i52n9q67s2JxIsT-VcOwusjSRZuptCs2R4UVBXW4fNT7jU7I8ffjTg8XNLo4IAv75TDIS7s1AKhhGUhTwY54_9lr8jzYGFnQksMv0WEO7R3_nCgha8xugTFeD1Wvc_Zsm5Qc1glG6r7DaSXZC9nQ4rRFf0xsA6oXIrJEol5oH12k9EMDFCU9t-CL7sgPLpDW8gdn9IHnACzEw4zbyoiwHVIxoMjYJAiheXpJt4NK2Ks1h2XyK5WchOsgWpgDtXgK25Zp5eu5RS-JkBkWt60XK8f38pSS__-n9e1KYsYDB8tTTYDNpZG3BxIk&cid=CAASJ-Ro2im-0HiwnyTLDr13pGnvUb28Fn1rM2YG1IV46KFCxTJPhWGMnA&rfl=1%2Chttps%253A%252F%252Fgo4kora.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
H3 200 container.html Show response
8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9763 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:36:44 GMT
expires: Wed, 09 Aug 2023 17:36:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 38ms
37ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.17&b=1&r=go4kora.com_fluid_sky%2Bsq&sy=e31f4238-04e7-4f87-a62c-8c4b83ff5595&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=5553379c-9d39-4e51-aef5-4f8f4341a98f&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: HIT
age: 2243271
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 738241794a350208-ZRH

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BBA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5dHXS1bbziFYxscuQncSU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5dHXS1bbziFYxscuQncSU&google_cver=1&C=1

43 B
908 B

46ms
45ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5dHXS1bbziFYxscuQncSU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLati8wBMAE&v=APEucNXryEKlb2nC3gk3UzMQGTekVN5XTDyBr-NfP1qdcYoDBBuydbk73kuKlvjlMZ9K25I7uViwa0UBpl-idq2Ofn-BKP8TiOdX3eSrTrPxQqN_v9cxpDlnXszeqrdkSg7tPw6KSvkwEJWpHZ2j2wl4EgUBAy_BvmKe3RXw5GWx1frP4OWTySo
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7382417beedcbbef-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFoCaKE3rnC5XkBqT6%2BenRthzpNFvO7803pgIYwvF%2FezJyD6Iz5vA4x3fay9ElzP3DGkxpeTAvBGJeUehfrMzirUdjgnnP98D38Lvny0Le2rfHUvirf5oHrQlEHd9wJeYf2dNcFdTSUBWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCqooQsn9uC5W83LdF2gAlWdrLBNcoQJcFViXrog9jlJ2PJpPxvsjanT%2FN%2FkedWZHFnkiL2woBcd%2BlRao1HTIVddsc3xVmEhyjsfWGuc2VZ5zjhh3TPv0hYFIeqY3VB2BmkbaFouFhvj5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEA5dHXS1bbziFYxscuQncSU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 7382417b4d06eda7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BBA6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvKbLdXybgRVpf1Cq.DCQgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8um2Ott4rVgCUoZDBS4c0&google_cver=1&google_hm=2

43 B
910 B

46ms
46ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8um2Ott4rVgCUoZDBS4c0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLati8wBMAE&v=APEucNXryEKlb2nC3gk3UzMQGTekVN5XTDyBr-NfP1qdcYoDBBuydbk73kuKlvjlMZ9K25I7uViwa0UBpl-idq2Ofn-BKP8TiOdX3eSrTrPxQqN_v9cxpDlnXszeqrdkSg7tPw6KSvkwEJWpHZ2j2wl4EgUBAy_BvmKe3RXw5GWx1frP4OWTySo
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7382417c7fa0bbef-FRA
pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWeKPu8A8G%2F2kfUAjGqINkH9Iwb4OKKa0HWHU63%2FBLVldH9M7bRu7gdoiZ8bTMnM5Qm9zzyHIOo8IcUmPKb5M%2F2R8f7bVB2o6XmXScXSRczWS3ayL9tyyKKQrwt7NeQiVGwdxfn9hVWMiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8um2Ott4rVgCUoZDBS4c0&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BBA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE7kxAgqr7W7DmdY_0U8Q2E&google_cver=1

43 B
1018 B

34ms
25ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE7kxAgqr7W7DmdY_0U8Q2E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLati8wBMAE&v=APEucNXryEKlb2nC3gk3UzMQGTekVN5XTDyBr-NfP1qdcYoDBBuydbk73kuKlvjlMZ9K25I7uViwa0UBpl-idq2Ofn-BKP8TiOdX3eSrTrPxQqN_v9cxpDlnXszeqrdkSg7tPw6KSvkwEJWpHZ2j2wl4EgUBAy_BvmKe3RXw5GWx1frP4OWTySo

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:45 GMT
X-Proxy-Origin: 146.70.117.110; 146.70.117.110; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 219baa04-377e-43f3-a092-65b99fd0ad22
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE7kxAgqr7W7DmdY_0U8Q2E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBA6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ5ODQ2OTc1MTgxNTk2OTYwMw%3D%3D

170 B
188 B

96ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ5ODQ2OTc1MTgxNTk2OTYwMw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:45 GMT
X-Proxy-Origin: 146.70.117.110; 146.70.117.110; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ef75176f-4b31-4b03-a64e-d13412cf34e0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ5ODQ2OTc1MTgxNTk2OTYwMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CA63 22 KB
8 KB 18ms
17ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 436240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 9763 23 KB
9 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:36:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9763 8 KB
716 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 16:25:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 17:36:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 17:36:45 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame 9763 14 KB
3 KB 70ms
34ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.css

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 10:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:52:45 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame 9763 356 KB
123 KB 54ms
18ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b0c868e05a8b05c5653a259a40647d60b3cfea7ed14903beaf1298d72e519fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126003
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 10:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:52:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 9763 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:30:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9763 0
0 27ms
27ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-gS2kR3Bj-uXRP3z1b8DTd66m6-PJRUmDR4Y-6W_o0XUkNBbOaT1r6sdIyGexkr18Qj9CLY605FwmGKhwsk_2UVcEZA
Requested by: Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame CA63 36 KB
14 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 13:08:06 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame 2FB9 220 KB
61 KB 105ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2FB9 14 KB
5 KB 166ms
86ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2FB9 94 KB
28 KB 153ms
73ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2FB9 5 KB
2 KB 164ms
85ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2FB9 40 KB
13 KB 143ms
63ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
DATA 200
OK truncated
/ Frame 2FB9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d02c7e391ac291410c6cd5c665b612e3293226ca94e2003cf2045299cd62faf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3366941393642545294
tpc.googlesyndication.com/simgad/ Frame 2FB9 83 KB
83 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3366941393642545294?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkiBDgMtYEf0kknWytTTCyeaakELQ

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad82495e6b8d6035f8d303377775259563f5b603b680726c318ce85f17230d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 06:34:16 GMT
x-content-type-options: nosniff
age: 39749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84758
x-xss-protection: 0
last-modified: Fri, 27 May 2022 12:42:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 06:34:16 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2FB9 3 KB
3 KB 35ms
33ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 14:47:43 GMT
x-content-type-options: nosniff
server: cafe
age: 10142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Wed, 10 Aug 2022 14:47:43 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2FB9 344 B
368 B 28ms
26ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options: nosniff
server: cafe
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 10 Aug 2022 17:34:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2FB9 0
0 100ms
31ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgX_MsfBSlxoxLiXksqjj5zcd2UFCuXuFDm1dzJhjUbZ39OmgcvvGlXs2qqUk9zkykMPUhqat_gFtIqw3ByHiRWvje2w
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2FB9 0
0 216ms
77ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0Mx5LJvyYpHyOPy59u8P_Yad-Aypkturat66x46CENr39vmODhABIJWbyiFgleKQgqAHoAG5msqSAcgBAqkCKjqzNXk1jT7gAgCoAwHIAwiqBNsBT9DCCpl_6GwKk4pEIaDP1kolO8rgLwiAdZOX86zH8gCaH2256yf0dNBHKCinIg9c8JGeSxOjzmfvM2grbeExJr1aPormnu35OFTzlhH14r2Qa6fcP9r_nbcXrehndsJghNYydBaALBpLK15F0KgTAcLI_1ikmFoPblMtfoxlQfofaqlB6j3ITORIKQkryQXSag7gGp4yoUuf_aO0MdTUjBrSNpnRZZ3dooJw0n9ROzhX2if-rNx9Kddx_UV9te7biN-27G6mtVvjsc55wfMyREzhPcVwCHcL2eOCwASZxa2UhATgBAGSBQQIBBgBkgUECAUYBKAGAoAHr-W17QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDowALSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTY5NzQ3MDM3NTM5NjA4MIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=dZiwg3apSdg&uach_m=[UACH]
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 36ms
35ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pn=1&sn=2&pc=0.3201713145750092&ds=true&bv=0&e=wdp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: HIT
age: 2243271
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382417a8c910208-ZRH

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 38ms
37ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.03&b=2&r=go4kora.com_fluid_sky%2Bsq&sy=e31f4238-04e7-4f87-a62c-8c4b83ff5595&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=5553379c-9d39-4e51-aef5-4f8f4341a98f&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: HIT
age: 2243271
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382417a8c940208-ZRH

POST
H2 204 csi
csi.gstatic.com/ Frame AE7D 0
327 B 123ms
52ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l6mgskfb&c=6137452394096&slotId=3068726197048&qqid=CM-zhYKmuvkCFfWZ_QcdQcUGMA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE7D 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CtKLVLJvyYs_tFPWz9u8PwYqbgAOioMuwat79453tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE6QFP0IRX2yP8cw4bhcu1XOh5-pDY7NlbGCTwjF06JKjnEVj1WFrZwgctrs2OVHr0vX9jkxed0dXFRKFUef-UjalfYskitg5KMfWSrdkIIa_MVyhhUqk84xpK5ZtGQMmC3p2ZqCxvL8nrFsrjpwj_tZnmFUWYo8rKwKRmtTJMSmCstImXe43Wj-oCyxHF9g6BdjbFRziD8gzkfWuxhpSVoxVYKmcn8_vB2Tlu0IV3lIgoResGjxlwQOB17sgEt6B4uMC02zp6MPzM5U2CTDroSTxO-TIJKB_VYmabvCx7UCB3k4aKIW4NRv7Ll8AE9fLqif8D4AQDkAYBoAZ5gAf_k7XhAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTE2OTc0NzAzNzUzOTYwODCACgPICwHgCwGADAGwE465qw_QEwDYEwqIFAXYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1660066602608&ai=CtKLVLJvyYs_tFPWz9u8PwYqbgAOioMuwat79453tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE6QFP0IRX2yP8cw4bhcu1XOh5-pDY7NlbGCTwjF06JKjnEVj1WFrZwgctrs2OVHr0vX9jkxed0dXFRKFUef-UjalfYskitg5KMfWSrdkIIa_MVyhhUqk84xpK5ZtGQMmC3p2ZqCxvL8nrFsrjpwj_tZnmFUWYo8rKwKRmtTJMSmCstImXe43Wj-oCyxHF9g6BdjbFRziD8gzkfWuxhpSVoxVYKmcn8_vB2Tlu0IV3lIgoResGjxlwQOB17sgEt6B4uMC02zp6MPzM5U2CTDroSTxO-TIJKB_VYmabvCx7UCB3k4aKIW4NRv7Ll8AE9fLqif8D4AQDkAYBoAZ5gAf_k7XhAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTE2OTc0NzAzNzUzOTYwODCACgPICwHgCwGADAGwE465qw_QEwDYEwqIFAXYFAHQFQH4FgGAFwE

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame AE7D 22 KB
14 KB 215ms
81ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C0xL2JW2PmdQncrN4gluLq7q-JqR_8KhdZwY5v6rVeQv9LWWobpKpgV2vvpOP5nSQF58Zxb8vf6fG4EIcMtyQUwfW4Bg&cry=1&dbm_d=AKAmf-C91arFiBB4nyxbtRbmQnA39XDojhfZiJOVLiE9n-A3Da8PUMJS7vl3CH5nxQ6lx3Dq629C3FwEqg885uUCPUd6GQJvEpJdcZGsYRTLdk70SAIu1Ej7r8KVDM1XvMs4Cnc0ItS-vREaxpSUBD6oCE2g5d83xg__yNNV-DeX7dipxxlM2lP_2GrB3ezil_GOwb3oYPgmuiPQ_F7mHb6q3pWtd2gSQRs0hp7qjzSirzvNKms2CzPd19n9suyZrUKzePiJx9yLqSFMma16wvlkJKnml0DFNKKwZ-PHqOomgKx-Rky3gL33jRHbhqV0LemmfB8l_nfy9tqMYHGCdQfYnUFRknBRzItna6N05_eU02rgmoAcBJdwkyc5OxpnOfOhOb6LkfZok4vBxiY-BWEV4nO-ANKPcISFO8r3R3P9Q2NRukH-0J43F9ebsC_ksRN9_xNm21W9OWBiLfSoONNDXTMt9puue4Lx_J_cxKUkLwBIvc0prIRYYbidvpl9Ey0nbI3qLWCH-q219lERVRUhCtVu_o6Lum43prdBAoql2DWxWCYCUPpcG3AUtptmtO2g6YTrKFynWbzHfzS-W5nZHVwZyv1EjSCS1c3m2axoNTwCwO5eiQ7YwYH3dpXjJDharFXbwWVv4a__T8ptN392zosPGqWrXgu7NFI3b7a8KCptzhRHfos69-hEDnI3xk2O2auxbi492zavPIrErwPJ_b9BvEpYYOBo9kMo2AUte8RHYrcPdfsQFhxArsB3FrGKRfk-ksXhi26VIipVaf2oWs-0nIYJ-qkeBX9AQAtwcd7CpEIC_dz1P21997neulE2J90asMO-fojvV1qTW0-7gDr9w7ArFRmWsFYrVGqQwXoXGxzDZccon2mXsfWmVzf-CAKKLUpbrCq8UZ7igImulXH_qIal8-YAx_xboYDLVkKot4jF8nl3qYwLMGQVTuBpitwirUOXvvNCZ4yPFSxzrtHtwP-BF-w22ZT4E1AisGQ2NT_XjQcx80lt3YPRKNv1EwBb7P6iQf4oYINAFMEGJ1Y_1czndDJ4QLyZX6xiD1BGqGFVHwpSu-3Dyt3NqA89paDWZV4IFoeQaQ1gQGfUfGGctH64Ausz9doVDMNKMPNl2erqCS16gPEUzKur6PIcmnMIcAuASPBo-B9-rNPadmmt1jre_ultoOQ2ZYErX6aI8nQu2yPdDkq9Biia04X_q68GBY7Teeend8EcBtJb06p5snipl_tDAGwinug8c82jsuVtZ1RjdG9GCF-pNRIdIGP0iCUuS21Z6rvKAeK09V1Y6yMlICwi76K_WfLPeTJYNf71wRxhN3UF5mgfzBNaIEreNfoAFDqOwzZRO87Lu1ICFnvAIAiyvdoyDTMrAbbQxQs06ouo49CNFwGgUBwbfmcUXAHnivIjj8YcZwLLKzsoMdnJinLre7FjJNBD5lwXE38ZPS11xGYe6ZNIGdyMlvV6EWwuIeWghCYRJndzJlTJveIaXwgC0-w9m8_WulWYWcBVYchcU4rwlFxdDbe9_tK70YSGhZMexH0pczhj8KAsz-ev_nAxwVzo2Ubd_XaKJPEbBB_HEo-Kh1il_CtED-YeyuVga-0YjkrapZZpMygo9oUaszMT3a0Cal4qFrClK-RhtZ5g2GGraOrhvBqvSTbStQ8VGjtQhxnafkBFy7WfDuxgcdO7UAdsU9yu52C3Tf6KvCnrRgaezjCVuKXyNY4Z53Vx2Gjw56HtWonSYR4InttRdQ_fXpQzJAKXSJEmAxwtOjuLwqzY7gdH3Bm-Lw8eZy8H1U1vjWNAWSGk-822ERuhJ-Swue-4jrz6mYh9vPmyIhq_7KzzNQPC1jC3UXOjNpyjFuV4pf0JagXSW43jMPq1F5dcuV883ly2oiH3jBJ2_A6FV34JE2moGoCtrk_wagz0LPtKJXFO4sU5IWBeAaTaQjh5_ceC497SYG3W6UOgensVEXFsUyxRWcUc_sCMbTvl4isp_09iERhcwI5PIpsPIur2Z5eTYTNhJiP9sxJ2cH6sd7mQlYvUsAy4O3kk28g3qE0ubxcgzNIqew0Qc1wdxaQ-R4h5gfjaSwztX2HMBdXH_dLfUIHUXhVDjCW1LLEP7PwtpKfPFmKE7pRCtJ5HxfZIwkhiNKaB70DvljVRQ4PSHs61HL1EMkxdCzUGtRargfbUx_cPuSm0pRU0_jDxFURV7lLRHX0JGU5eVf676e9_YZ71mHVWAfw8U0lFH2aOhsJGQAKqeLrJ3zKOjqKEKiLZLW7QWJSN3aGeOI_l757s03SXhVFGHCHRjtsYBKOF6z9wyydUD7bCwgPhv5m2KNCWVOjiA4V3CnzAnPwwqmhtzvDoOy_e0LXRDgcsUkF8LBK7Z96FfF7rLcMCSszLa1bunjsUeS4fwNX55JOzzrtJBlglmZU7bNQPot5XEMC3k3zrMEmjdFUthm8h3_5fbp5TyefuJ30hgLkhjoU0FEpWF-mIKKyAJykKaQiIGuYlvBqarWHioRRAQZ_7ICMTWMZWHE-8rSje5p2pnuYx3UL9a2GckE5ajU6s_OqL7MtZou7hgaqti_zHH9_rhys1deYP54cCC8EmZMuxHdrgVOZwHgeTg7CvHD7ht8Byvuy7-qXbvUCFJ87rDl30-GJ2lpPfHM31cW4tLs7z9bx39kdxlsOvOnKaZmLHgj03PrM9Sb97m3csEsC5k5qh-ChujhbKIkR3AwmxeRDUQ86zViguK1bk8sz5eEgNnzt_HgBJ1cmNf0RqLepRqcs3FQDS8F7i-Zwn8EYy0BM7ZIAXujGuiwTsyWWR5GjlPxRD_kCXHJHLu830OgtWX7NAwx-_kAuYIuTc-HqjwpnVgRtNY1yGJN3_dxfYJgvmfXOB4X4WdaTzdHXdwVKjoobxgZXNXe-9q5EMi2Ub5PhtGHGjomQt50A3283UAQe81jcabbSKuHUwNOFmmxcGUQJpnDpLuJmWuzqHYvVDQvpyylqWtnKSIpESAZBBrSY5gGaY4oiZfmbAi1iHyq8u9NEnTs7LA-VEJ5W2x3ddPyFPsu6URTQKLJliv8SnEv8oo29XOl-xtHLAW_WdOOM8a_ODw2zUo8YFYXSr88vcYdRjwycpWLrPVlUJ9XTKbKMTznOVWikSSbvnvyW3n82Y7wdlXS2c2gc3S0frEj3_HGXuFvuHxbJHydUB0BP0q9PdpCdK064IGIdcOMhQp0NKiez3Do2u-w&cid=CAASKORoEVotDryCyNO1b-L4um_uBovqSfP8_e95LUyPMyBRuMJ6c-WnURk&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

a44527e65d978002df9191e57425be7a304243811ec4f02625871b6b9df3ffbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14454
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9763 0
54 B 72ms
53ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l6mgskgc&c=6577407012490&slotId=3288703506245&qqid=CML7hYKmuvkCFbfuuwgdjSgOSQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9763 15 KB
16 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 216424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9763 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 466494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 08:01:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9763 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CPIuRLJvyYsK1Fbfd7_UPjdG4yASioMuwas7_453tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE6AFP0PbXKytBL-E7P4GBabvUuEjURe0EWoHpiZbVwqtUwriOIssY3Y-ABkY4QUsXgOPkUQcf-82kkDJTqEiuTpgSOPuSuuyQp7qoa1Vzyz_FLOxdh4_8MuqY5ZQCXoqANjf11pEYubjshPrYtjpfxj02OPKa6QIN2q8eQOdwrtCLKWvBsfG1AWmGG0387rbyh_aEvfgon0HA4pvYyrUMrvrnpUfM9hXzxk00Abb5Ihlh06qPFvOS5Ff0wHsvEL8QHsU2s50bK0elm8PhIk7k4iIDVtrSllihbB9SUqsEVRtaxfkMq6mi56oTwAT18uqJ_wPgBAOQBgGgBnmAB_-TteECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQPIIG2FkeC1zdWJzeW4tMTY5NzQ3MDM3NTM5NjA4MIAKA8gLAeALAYAMAbATjrmrD9ATANgTCogUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1660066602660&ai=CPIuRLJvyYsK1Fbfd7_UPjdG4yASioMuwas7_453tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE6AFP0PbXKytBL-E7P4GBabvUuEjURe0EWoHpiZbVwqtUwriOIssY3Y-ABkY4QUsXgOPkUQcf-82kkDJTqEiuTpgSOPuSuuyQp7qoa1Vzyz_FLOxdh4_8MuqY5ZQCXoqANjf11pEYubjshPrYtjpfxj02OPKa6QIN2q8eQOdwrtCLKWvBsfG1AWmGG0387rbyh_aEvfgon0HA4pvYyrUMrvrnpUfM9hXzxk00Abb5Ihlh06qPFvOS5Ff0wHsvEL8QHsU2s50bK0elm8PhIk7k4iIDVtrSllihbB9SUqsEVRtaxfkMq6mi56oTwAT18uqJ_wPgBAOQBgGgBnmAB_-TteECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQPIIG2FkeC1zdWJzeW4tMTY5NzQ3MDM3NTM5NjA4MIAKA8gLAeALAYAMAbATjrmrD9ATANgTCogUAdgUAdAVAfgWAYAXAQ

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9763 22 KB
15 KB 156ms
72ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DO2FiV5vuXWAlYNkvapDGvr2RRpzVBbJdn0N_xsv-9kT1PoBhjibHxafFb8Twxx8A69ZARywhJ63CkNElFBvBV_HmSyQ&cry=1&dbm_d=AKAmf-C4C42QfVCjIJnPL-q5EVNMZwTMtqQBeQ6_ppKITH7vhVazh6CPk9GzIx6petSTyhe5Tg7NvsEp8woAWMRPVpsT15akDeRvQz6Yq9kpNrqgkALOKj9HGBOAkNkT3nqvZN9PR6yN82-lifttJMoBAtOJFMZXeut4tAIcocL0KIUEjxrRtlX4yD2YipwDD55uyLU11YNhOPhSQZlVrj1Z014xtL5VIrLyMgm5zHa4LAI_OW6RE_VTfzpldVE8MWhaCs4wYDJFSPPhFXoSA8X-11jcTmo3w5LEaJbIJ78HboGOLvwIvJMA31Lxz3B1X9z4NdOfgiH6hNjyun6AvD0uEcMXBDTZRuC0_ANH9_SA6hs2mBFHvTlt82loCSE1imN8KcSnE3GS_KyCuMBg7eh8VIll8G5YnILOc-Rp6zVCulDOk_zn2JAFChipXZGLlzaDotG5vJTlzy4W5STT98EdtQrpclzfC47SE9F8tjb4o6EKAQlJQqrEDX4ReheGpv_FTdRTvL8keHvkJp7H8Cho4LZyrOIEtatCcQvHn2_-SGNed9aC1qGXxtC7_YLILPdz_ColPLzvdVmwBitU64zipbGxxcG8rKi_FoEanhfTATnhzg_iP8QSFTcN7j6QsxZglIXDMCGNXrUAkXeQexT5HrYZ8Jv8rh963iZqT4hO9GegRuvHKoM5OZJ32qDURqm909YIxglabpzSFtZUA_AaP8vUeKX-J8-xrha7jr62ko7wfXXOOMgLzQMyN51tHh41DVhvmyOgp5neVGFeVnrYhRpNt7WMrfYRBYprlfloE4uwMX444SGf7VcdGOzUNOG1_9-QPSI-Ey9wBNbrT0RBfVFyhOigmYHCjcQ71UIl7oqaJIcmSkfIBO3lXp7ZnLtar2Nwtvf9dsvzmQVQJSe0c2fMc5turC45yWqV4YkL4suEwJLBgzOX94gItoZrZXK9nmtPFveU2fAVHQ4XEVwxmyo-esZeoD9l1xwoIT9pGu27XyTcvyV92pDW-KmySORwco0h9SPImuOVJ3KdZp7Ye9wPEfyPqUFS07-Zd75pOPxdAVGpUftm_ROOS1zVJ6VGuO7hdCf42WmZmaNn4KXEScIr9X0CTMCSSMihuCcKLy_yyYXQfASXHy1kuRI6d7CuV7zxu2axrtGcwJH0hk6C43bHbfIBxxIc_mH3WNFGiqS4zAjtQru8zb4Xf_MCIY_Jpufr9KMwAnssS4xzjm3oQDX424oJ4uiQfx_AoH3B0i4Tmhe8WHqMdFRKt8qgghOaWiaRHzrrMBvtLiWZOeS8X9ULvZVL1TXMP7VJdE1KOgvx-yJAzCTGhT9V61tZT-HlosuJvmzQRaJlc-62b484tFZxdUJew9UuY3c5IM8EK45vapMSjDrmf_Q7sx36uGGNELm2JYR4iqZBG2Jcn5Uw6IaZfRd2ATAOjCQah7RyQgcOHruuwTw3No3vfCYgTdV4_rSK517NNh9POUI74mSK58Ha8pb9kSID9jEG6mMpmqpDHUqoFCAq_EH3xrzXKRocxdVYg2UAJFW-gD5bZ2IbaPiD35vo3t31YDHxVW7SxwWpqjw0GW3tx44KxH_iUVvB2k4i9GgJ7WWv8pOzDKYxX8zAmqCXY58wsuyMjUF3qfEaH1sSkrqeLfyjS0vGpSzgPYAfBfsjMzGaPHqlR9S9Uy3EhjR5H--Iu0Ex9F8XTC7W9zvTMO0MsDJcjSgQIqDEqgWzGo6NmJA4QYQDrml-Nj7YZA5ULXBkBMlKajChcQ1B0W93_A4jdfZawLCJUvNWtgPEPmV1_5D_M_1fvMW5tyIz9uvmpmY7yuhVcqNdppnQoX4o2L9euthfJgwkWzgcWZbjEKHZrDh5NQMUiWNw7iWadtxR-mtywHL2GBfBKfNQlqJrE8umcSVVaIjc0eF_I5J-KsbltwPlUgWUfs6XYJEO0Agj2wINpd9MoYU3aKY1QIC6_JuAiMWBSV-h0jugXH_VQzKB3U-ubAA-77wWFTSzlnOTHpXcsuLbnZaJd193Xh-KkVIpZPgY-0m64x5-QJpYNUlCcCYMnZponAG8iR9ZpPVUhVhgdOrJexYipnWRvopZFoRQvK2EZRkJ0qzjA5OXz-OylNOQrQfvWZFEb8mmPw9zVAguUEICL0WgDkMNaOSRb-g-pm75Z1zE2Nr3AWHhwY1aiU-Uw6tvKCGXSiuWqPPqyVbER5KqsIerAgLCs_4NT7Gb3sm61T6nmWMNdSN4A3ebyXd0518cFaNY_iTs821wSuCOwCBZ0C9OGAkxJPYXo2NLfWSiM1LTIky1eNRjtJfnCt3cU_iUHcSFk9hAl_fajEUxA27qjwfVv-VYQVvFgFNOAM_lxhFMxJQaUBw1Uql1nWX95V8bdDjLg-Mn-tAC1IF2jB4PPRqMRXv0OKInmCBCzce_ADx6HlAm8KXvrYC4ePbq4LrDx5Q7DZQ-niL1OZ7f9773CImy-5orkB4e9fbIR2UV45QTwxdwt3Nsff4W2wYep15YA0ju0S8_81ntC3IJDJD9rI9Ak_xkxEIQHtVD_mcsOjErXW9OtdwDFqJhBeGrGzlVU6okU5Mo6nXlmtXMNHe74mOkFadQDSVrKQqBbSri6sWbIo7tqciIspsRYioHtX6tGmMUqtrYq4ODcCFUVY0fQNvIHDX0QHUwHx4_d-zK862aSD3kOPwizFEjsiAEL2XSQv87xTX60IO7xir7BtKgL5KfrNyAxh1SOUYXGYkn-KiLK3y_QtWrtxoHoyf58JMlcD1yJY6kavPKVGwPuSFYCn1UoVS4Qme0eRdCy6jRhSKAhznU2LpajcwUGTay7JDSjJK-O14hWCijSqWyJd5Hy8wkcxGZTwpTd0DcMge25Tn_jA7bj6LM_5LlU8-GfCc1e-DbK6cLRW1YEfb7L5Y7eD-qnJ4KT_5a7jnlBGuPA2oXtg1E8CWboJ7X-B3eiPJqCY4GwxqIOVSwBHErBuHyvhjbrun2rQ86zDHuFl-kcqOEV6eQOuJ3UZdTd8lC703-5ORn2_MOrsp2KY8qzGNmgrI0NdFB1d3P_5mCa-sY07UX2cJzkyNOivcFDfQjlMuKUkpDFOkVrqqas3m-6Sgjg4fUcrZZzWhwqKnC04kJ7d_2HaukDSsd_kAallrcm4WaOHH48OguoqYewC6mFyLsApaHT2pCKiQLlHPC1kfknSBFjLb5jDbvRXHY&cid=CAASJ-RoRnMkyX9p0GfRkCSnH0P5JOD1kOI-wp_yX4Dj5mGmA4GpXYBSdg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

de89ffc427cf841090cc0c886e87bd001b06d12f17db332bcd98bd8666b1ae4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14389
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9763 0
0 69ms
69ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA0VxLJvyYsK1Fbfd7_UPjdG4yASioMuwas7_453tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMBqgTlAU_Q9tcrK0Ev4Ts_gYFpu9S4SNRF7QRagemJltXCq1TCuI4iyxjdj4AGRjhBSxeA4-RRBx_7zaSQMlOoSK5OmBI4-5K67JCnuqhrVXPLP8Us7F2Hj_wy6pjllAJeioA2N_XWkRi5uOyE-ti2Ol_GPTY48prpAg3arx5A53Cu0Ispa8Gx8bUBaYYbTfzutvKH9oS9-CifQcDim9jKtQyu-uelR8z2FfPGTTQBtvl6GPsmOR1RYUEYwK0V7F2BJWSLXyB9Ug3loCKu6-gLVnww9RWYN1yBdrmWkdAmPrzbDHbdKMQk8HfABPXy6on_A-AEA4gF8oqu1ECSBQYIAxACGAGSBQYIGxACGAGSBQsIIhACGAFI4Mm_AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGeYAH_5O14QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDR-EEYgquLzAHSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTE2OTc0NzAzNzUzOTYwODCACgPICwGwE465qw_IE9SSt-AD0BMA2BMKiBQB2BQB0BUBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=520YeCjmsP0&uach_m=[UACH]&cid=CAQSPgCsnQUxmSva7j4Kxq90rh7jamPFCfIrHrg5ZRa-kqwrLeScZowne5EAf3aUbNxNuXBks3_t1OqRvFmFdbCG&vt=10
Requested by: Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 9763 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb46460f84c8690f59438bdbeb1615047601d3c18536dc67e9a178353bdac626

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2FB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

64ms
63ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 17:36:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame B690 55 KB
18 KB 62ms
61ms Script
application/javascript 2a02:26f0:f700:2a3::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184716&plc=6565985&sid=18330&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:2a3::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame 9763 16 KB
3 KB 359ms
52ms XHR
text/xml 159.89.0.197
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=15911784&cmp=184716&sid=18330&plc=6566072&adsrv=29&blk=1&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F1%2F184716%3B6566072%3B208%3Bxml%3BDV360%3BDemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360ChibuTargeted15sVideoVASTDSKAudience16x9%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.0.197 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 4b4ce67e3789c449932caf465be29efff3ce6c50e5d4bc5d743b7d41032f7b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:43 GMT
content-encoding: br
vary: origin, accept-encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: none
timing-allow-origin: https://vpaid.doubleverify.com
link: <//cdn.doubleverify.com>; rel=preconnect; pr=1.0, <//rtb0.doubleverify.com>; rel=preconnect; pr=1.0, <//tps.doubleverify.com>; rel=preconnect; pr=1.0, <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA63 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxR19LJvyYrO2LfqO9u8P-OCWkAsAAAAAOAHgBAI&bg=!pqWlpeHNAAZGjrx1Zo47ACkAdvg8Wtao9UdLJ6sb7UQyb9NaYJDdAUX1AX8iXU4OmwCbGkThxfWQqQIAAADbUgAAAAJoAQeZAybrej8kaBD8Opo4EfuPHWuK7bB1A5P642mlmkhkaLP9yW5VFeDgtSV2cxwS7TreRIm1rwGAAVgGPBukfF_HAiBzmO3soSYuq8WjMcqwy_rTCbrQkNOKD96_q7TBwG_XTMFA11aIuIpvLvVSM2v_pgS-W_v-fcZF6QqtQZom_1V95xXFESTT_Vh3HvdLnEfSNeLEDfkNcBUmqmJs3XtZ5zrKKapo063_2C-RbAZr_bJjAqkUxo-rozXLoCwRPqNDrEeWihmMFHmmMuQLY_P4NlWe8DWwf-0qSndtGiibQWwZrp0JhD3Or1s3onR3A0mZSG_npblppfN0jrhFGJXJEr4GLT16smcGmibrtPzPc_igda3hqfXVSlaqkN10mSqY-NoB6A92E3Rr5_eHa5cG3s2wbJzjBocICddTE_1xAdi7E1yLn9bbGT7uLZBtujiqJCmB7sF31vwQfVpFcJYyC0LB7GajnJzifSSZoCI9zOJLkadj2AIOdpzcPA_9RRkQwMrC--gnHCH0b2AM0t5J3WvfNKzMknsTbA9lkOhsVfsGXCNq3O0a0lMqv3S_FEVcYXijPVsf-RLUytpXih-6nMK-wIhRfI0LLkXtrapuThSyGdPo8PVhta0ETx06UUQTLKGGq5j64B5IK6hYPCTRDGGjbIe4WKmT6k03cLnfkNmD53ps7sRbCYWMfn5goYq3tUIIWQCXjqgIn3S4xpwkixaa7tuv5nmXuJqLuKs9kAkgu97zp1ZHGATDeZgRtOH_jynRv2XD7eN13xohZuPKtuqmYmbVHfxPzyDv4VW7edh9dK7_6jaGtKQZBhqbJRKq30kuOidW1goqiFksFxm9rAyfU-CbYmZ7ytcOQYNeODR_XGtRx7VqNTUk-VoajAyx0XHPPsDj9faXTgiHNc8T3d6O_QOarIGIxJDg9VlRU_ZKx8vfNsEYsSrdAcRCKbevBfiZw3oUqz85V0RyEHHFgIJhyjVOTE0wEQcOw_dKFb06nxzNy7Bb3V0zHIXdk79n43u5gXKM9Esh2d4FBWp-CQkMw4AyhJChmXU-uG-NNK7gz5pCkW64nQ

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame B690 1 KB
882 B 356ms
32ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_277888434734&jsTagObjCallback=__tagObject_callback_277888434734&num=6&ctx=15911784&cmp=184716&plc=6565985&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=277888434734&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=104&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTau8%40c%3C%40C2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau8%40c%3C%40C2%5D4%40%3ETar9EEADTbpTauTaug2ef_b6be34b2ab52g72a6%60%6026_3766b%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.40&callbackName=__verify_callback_277888434734
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 6da051b1bdeb813cbafe4bba826b9aa9b01447fedc36f3d3d424396979933d37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:44 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Expires: 08/08/2022 17:36:45

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame AE7D 16 KB
4 KB 304ms
41ms XHR
text/xml 159.89.0.197
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=15911784&cmp=184716&sid=18330&plc=6566069&adsrv=29&blk=1&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F1%2F184716%3B6566069%3B208%3Bxml%3BDV360%3BDemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360ChantalTargeted15sVideoVASTDSKAudience16x9%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.0.197 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 3436cf40c70cb77cb3e36d1a14a8bf9eb6b16da35520e75678c69c738ee75baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:42 GMT
content-encoding: br
vary: origin, accept-encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: none
timing-allow-origin: https://vpaid.doubleverify.com
link: <//cdn.doubleverify.com>; rel=preconnect; pr=1.0, <//rtb0.doubleverify.com>; rel=preconnect; pr=1.0, <//tps.doubleverify.com>; rel=preconnect; pr=1.0, <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A478 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:13:10 GMT
expires: Wed, 09 Aug 2023 17:13:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17A4 783 B
537 B 36ms
35ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecd56e64112e511a27b22a8b96133e4fcfc5d7d31900e726e454ba5b9883f574

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jKDK6njVTOUX7N4UMZ6fDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-jKDK6njVTOUX7N4UMZ6fDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:36:45 GMT
expires: Tue, 09 Aug 2022 17:36:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4E6 6 KB
3 KB 25ms
24ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 17:36:44 GMT
expires: Wed, 09 Aug 2023 17:36:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 55ms
55ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pn=1&sn=2&pc=0.3201713145750092&ds=true&bv=0&e=wdp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: HIT
age: 2243271
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382417d8a030208-ZRH

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 36ms
36ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.03&b=2&r=go4kora.com_fluid_sky%2Bsq&sy=e31f4238-04e7-4f87-a62c-8c4b83ff5595&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=5553379c-9d39-4e51-aef5-4f8f4341a98f&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id: 01G7YYCVBVPMB9GXN2KCJ8RW8Q
date: Tue, 09 Aug 2022 17:36:45 GMT
cf-cache-status: HIT
age: 2243271
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7382417d8a050208-ZRH

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame A478 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 13:08:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame C4E6 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:36:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C4E6 8 KB
716 B 35ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 16:18:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 17:36:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 17:36:45 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame C4E6 14 KB
3 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.css

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 10:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:52:45 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame C4E6 356 KB
123 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b0c868e05a8b05c5653a259a40647d60b3cfea7ed14903beaf1298d72e519fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126003
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 10:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:52:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame C4E6 17 KB
7 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:30:02 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame AE7D 41 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 08:18:39 GMT

GET
H/1.1 200
OK consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame AE7D 7 KB
7 KB 325ms
41ms Image
image/png 184.51.8.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.8.61 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-8-61.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
Last-Modified: Thu, 06 May 2021 18:54:24 GMT
Server: Flashtalking (AKA)
ETag: W/"ea9218504eec09a337676178d9020356"
X-Varnish: 277043211 277296212
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 7281
Expires: Tue, 09 Aug 2022 17:56:46 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9763 41 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 08:18:39 GMT

GET
H/1.1 200
OK consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 9763 7 KB
7 KB 296ms
39ms Image
image/png 184.51.8.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.8.61 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-8-61.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
Last-Modified: Thu, 06 May 2021 18:54:24 GMT
Server: Flashtalking (AKA)
ETag: W/"ea9218504eec09a337676178d9020356"
X-Varnish: 277043211 277296212
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 7281
Expires: Tue, 09 Aug 2022 17:56:46 GMT

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-Chantal-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame AE7D 48 KB
0 750ms
260ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-Chantal-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: 03ZR7EBTXP7FBYEB
X-HW: 1660066606.dop244.lo4.t,1660066606.cds217.lo4.shn,1660066606.dop244.lo4.t,1660066606.cds089.lo4.pr
Content-Range: bytes 0-1677838/1677839
Connection: Keep-Alive
Content-Length: 1677839
x-amz-id-2: qTcZa6YLTYg4Js9/5ifEQJ0+WGs11IyZU00le3Sa7661FV6xUdgQPnBmt8NS9DNqGnem/SmJug4=
Last-Modified: Wed, 01 Jun 2022 06:02:12 GMT
ETag: "c5ad5eb103de18483dfb4a71e3e0ab13"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-Chibu-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame 9763 48 KB
0 753ms
273ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-Chibu-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: CA4YSMDSRDBV01NK
X-HW: 1660066606.dop059.lo4.t,1660066606.cds037.lo4.shn,1660066606.dop059.lo4.t,1660066606.cds295.lo4.pr
Content-Range: bytes 0-1684131/1684132
Connection: Keep-Alive
Content-Length: 1684132
x-amz-id-2: WZ3PTDTDePAlZ+N18VLLtqTrxWfnSuFA5XANvVibODRh54sGxPM28UOiKnwUms+PyNHJ1PeQjSQ=
Last-Modified: Wed, 01 Jun 2022 06:03:01 GMT
ETag: "dc6e160509cfeec68948f7d0155af3de"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17A4 0
0 55ms
53ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080401&jk=3768919082520376&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

POST
H/1.1 204
No Content bsevent.gif
rtbc-frc.doubleverify.com/ Frame B690 0
210 B 132ms
28ms Ping
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=454aec080b4f4c2383b82469db4343cf&vfdur=357&cbust=1660066603279201
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:44 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 08/08/2022 17:36:46

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame B690 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 09 Aug 2022 18:29:42 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E0FB 23 KB
9 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 10:25:48 GMT
expires: Wed, 09 Aug 2023 10:25:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame C4E6 0
17 B 129ms
47ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l6mgskz3&c=5985420629524&slotId=2992710314762&qqid=CJbksoKmuvkCFa_Kuwgdva4CsQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44731965%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4E6 15 KB
16 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 216425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4E6 15 KB
15 KB 63ms
63ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 466495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 08:01:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4E6 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTc1CLZvyYtaZBa-V7_UPvd2KiAuioMuwap6A5J3tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE4gFP0K58nxE5lJ2T21cRSLQ-zpShKy63xrpqJjjcFpnFkWqqg2SNoRDjpBem6lLpNl5bERE-EQRT-XgyjNO_DHnpKIam9uCl1jzup4Y0iyd1-niFQKTI5DrJHUfy4qlmy0WxRAw3sHvO3cggXfKWEljNGNadktZ41e2h4_hP6e3nkR12ltkBECgopf6A8Vq9ypnBAUOtuKdRTYSIzskhjh3_Ea483-p1KZliyGAz63x7piSFzYz8nEqAQFFEjJz3hnWagXRgpwiIL03V3CmrQ0UiRBAYMddrqONnenbs3f31vBiFwAT18uqJ_wPgBAOQBgGgBnmAB_-TteECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDyAsB4AsBgAwBsBOOuasP0BMA2BMKiBQF2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1660066603317&ai=CTc1CLZvyYtaZBa-V7_UPvd2KiAuioMuwap6A5J3tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE4gFP0K58nxE5lJ2T21cRSLQ-zpShKy63xrpqJjjcFpnFkWqqg2SNoRDjpBem6lLpNl5bERE-EQRT-XgyjNO_DHnpKIam9uCl1jzup4Y0iyd1-niFQKTI5DrJHUfy4qlmy0WxRAw3sHvO3cggXfKWEljNGNadktZ41e2h4_hP6e3nkR12ltkBECgopf6A8Vq9ypnBAUOtuKdRTYSIzskhjh3_Ea483-p1KZliyGAz63x7piSFzYz8nEqAQFFEjJz3hnWagXRgpwiIL03V3CmrQ0UiRBAYMddrqONnenbs3f31vBiFwAT18uqJ_wPgBAOQBgGgBnmAB_-TteECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDyAsB4AsBgAwBsBOOuasP0BMA2BMKiBQF2BQB0BUB-BYBgBcB

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C4E6 22 KB
14 KB 157ms
67ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DINfhw7a1WGgm7FkosygbSj24rAGDodrmE94Ir3NFNkzX4Mt7H82UfnO__kdJlHOsHp4vw6L-yy5CjbUInKU0-FTPzOg&cry=1&dbm_d=AKAmf-CeC_stTdgqrS7Zb4smDxxylU1Md1_uaHrdps6MgLx-iDrDJED3_GGTftrWy1UHL02PhrDgrX9c3ofe-5CD3Nrvt_DUgVnRPJFc4ZfUebPOZN6DXJT8gy3EK0dkQgwlfX7RWYP2ZkQZ1oOuUR2rrWWoN-058ig5tDHTwZ5F2xLtkC4mMC_NQsuT7V7oVnL4SmNCj6GaKNd5yahoW1chiq7SM9-rFSci5YYuKIFXg7ahpZ7jg43_XlxSA9qsqwqf5qX6MiPocHa0eFmpydCblgezHbfFi0zB4ndp4SMVHFQstLDFO05rBIyfGTv7CwEjVW86G8M0XZAIfxHxmkLdakoTcoePjoAHFI6Pi1b34tUyjzluQFChgeFasbMcFEzUU8xsxADXQ3Ick3lTAi9C5uNy6G9Ezgg-wB291xW4Mn5XdqcaqN2ZX-1nwhG2vjX4cO1ltNOW6wu7hO8_tjJeQf6sOi8AQxXaQN_BXCe0GIG2lRib4Q2biCGPmz2Cu6OppOVRm_p3_AqpPl_MWdHgkSFO4Fn4hqS7G-mfTSAlfM_B13O-eJrKq2Mdv2V5lN3GZgQ8UmJP6GV5VzfFWM5zIezM4SCZBWh_kGNMiQeD7EkT_ph0YgKRy7iqxq3vhMRYu2Cpss_I0abhEeU0celaH6UZTN38HLKE_75tqomhNOoRxcWh3V239A77VvUVOao0RsoDLJvu0bHPuL3p8-pFAEIgl1y0dGPH2g4Vaz-Q9vSi4upml2INzeh1HQCj16kLBneCcIzegcc2PXS6VmPYE2LaqInzs0JiufmoIvBpWdRX8imkjouj-pqFS3NveuKsGFuBP-HmJ71C1W-9p4UtbhlYe0hveXmWYqi4PSJgkKTuHyVa5J7sxcGJf4IVsL4QoiFc5YA5zh70p8yJsNIU4pdf65E1_DZSbOU5AwZtARJJbs3sLVLCKdM_7EhQSWDRZ6WsIdzh209t-KOH9Z8c0Mi0YtLs75HYWN0KTkftQq9DNcuYB_98vy21hI5kJBtPJdRshnwM5jpf75uC4hDSgX6GYXGsL2tI27rRIj7ETuAs_jfPJgTsAW2p9oZXylGcDpHJR94bRiEWb54b6AogdV3wXWBSrzufObbNlpO2xt7L6JPfed84yPHD_5ShfzaPYGUmDMymXPLH6fbecbGr5y9EXmbpHuCEuOdeQUI-a65RLeLuBpfnwSvlVXSfViB4Rs9o7zAFNq3fXjN3wjGsI_S8T4aJlp7e_1NczVHPNsD1EyvjQ9s5LP2GMWZxYAq7zKVzZxa3WQQ8_102l5FKWKKvzV1fgXFvvR5GYDMEHQYoHEexhX83C6Eebacix-DQrzJad_agk4Si2Duaag80h4Np5QN-s1_VkDI3Ogh-K8-18UZ96O5TS6vnXjn-rt-PzZGPl3W4qY7Q3zUjdD773el3l8W3lIR9w7oInaVKZfcu-yFIYEAuBqwULdB2ezZchVAR3ps92iZi3mezIpGBUDCP0iJLGLyiiYdo0G0NlF5QJknWbjcmyVxLV2-IUHlPn0Ffc4KweQbrbT5wl_9dih7PwEAKV0G8qlaf99Tj67duo-K0sD4eh2B_8o2-4fd4K5dZIl7HCIbsiMck2X_FcyEDxgLMf7MqAqdqEFYUGtMoXAjepYPAu-sTmJ4EouevXjUq19WRE97SXbOna0v-ysbysgb7qiTb34uL8NSexB6dC-myHWmMRjL62xs6Ut0dnS-u9YADFRmnDrB4qF3Urb8t1XechZXIo_TWg_ylXWGUGp4piA_T_f6w6ePds8AoQAPAxihFtMGH1prdYk65xZ1ZegxSpdqAxKePN7lZkipgboIAzgIZlVLIZZTfwvBkNOR5j9IDYOORxxDxIwYOjSyuz2vnOB-Vzr7qUimLs2bETn5EREgapvJGFPBqBOZFf05BLH7z2i94HRMa1n8x25UOsRcHu3Vl_l6yI9Y72NBvzaPAKHe0DUW3PvwszQfjkO01Ik-6pEMiRo4Ve9yUwTTk7zdbRAPcKErLiB35umMr66G73JAQPzmxhQWjCubT0t4-Z7CYVnf6cByiM7XalrCbrS6u696copS05gTU3jpRwIHqzjHVRj4mCdTGobKj69oW5tARsaMjXoEUHK5tdFgqEFS9qPQtLM2t7H85ldzv8CXnxDLJ_hLh5aINjsvw_-CaJOBUUWljmk9goOQ9TweF0Pdl-BxL96GLRce2jXZ27dXXuFddtCRvOfb_W8Rx8ivGd_QIA5qchPt8cYVIcTttB9E7xh36nR8zCtUiO28CwkhE94amt3utbWkMejKPWiSnPowfgA9BJU3ifESk2ySkzYrHgZdbmYmG2SMzgZ8dpBnTO1RfObCxdcOdhzWBVnpWbXPL4cQ6HQZYDyj7eA1IIsSnidF9qDvZTK2qHuu1zGya2ErOypzWvAr3PMqVzsMRMQYH_y-KsEvL6m24KI7c8LSZAxKJgV0wwjFUtM98ET8olc6cVCp8YhPHtP0BDEXhuc9_foWvq6uiI91U7Qx1S__UJCz0xmbhXh38TR2gVTN-gPsjPi1NXLOjEHdFOMc-wqAU84R5GeiTjF2Rq9TDRdW1yVISxsKP4Qn3aAdsifsgYlVNmPh8UfsiTJ4nRV66bSpu3zOamD-8xOG2cp7lOhBCunAil77CTXLrmn4nSD7hfySmZDHLaoXRol-sBFbX28jRN1k4SzRkftYbcXd4KNcDXjJdqBiz-M1WVDXWf00bzBTwaSPCIUFvvHRExGmKBSPbM-TICpbgXxYxcNgLyV45zI8LNO0Cq-BXJIHFrSudZGHARKW8vVi2IltykDPvRDm9KE02hFjm0BAvhSFKLDXIF1Geme6-cAL1gbTEAtCIC4noXM9GuuyLSZcRM8lusWZ6j2UgyT07tlo_imlWXHZYnMrFUx9a7f4Qv7FD1qElRO0N5PleQ6davH_li3CQXmrInM2a29r8TjaO9aqhxtYyMz49AYQS4tBjaDj0-UXkBio174_bhwhxg9ocgMgkdJDydX-u0DwPDrAy9VJ2aZ9hKbdVsA0Yw-GIoKhu0u95E6H6s9Xf5RTTgAvWinA0xzGXB81tJZTQeFTCVxhNd_D0hs8IDf3Jffy_pDLvUuOX9rWTbpCqqFxePgoRTkGbL0BS5CV37pLXf4EJUrqPwc_KR-v8u8JEwV5-A45puLo5zYw&cid=CAASJORobyuiDkuBHCLzVTr77T56Zb9ikfZ1AR2JUoXebQReoYCwag&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

035b3ad7acbe6346dc58f62dd9f4b5e9d19e7b9e53ba79c1c02413d1fec791ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14439
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C4E6 0
0 118ms
64ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZg4SLZvyYtaZBa-V7_UPvd2KiAuioMuwap6A5J3tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMBqgTfAU_QrnyfETmUnZPbVxFItD7OlKErLrfGumomONwWmcWRaqqDZI2hEOOkF6bqUuk2XlsRET4RBFP5eDKM078Meekohqb24KXWPO6nhjSLJ3X6eIVApMjkOskdR_LiqWbLRbFEDDewe87dyCBd8pYSWM0Y1p2S1njV7aHj-E_p7eeRHXaW2QEQKCil_oDxWr3KmcEBQ624p1FNhIjOySGOHf8Rrjzf6nVxmPg986Gs7qhas9wYG44N0PTVy1JCU-FIkh20XGmOEBD9msMSxCVUazq-nppFQtMm9EtipyRSpCDABPXy6on_A-AEA4gF8oqu1ECSBQYIAxACGAGSBQYIGxACGAGSBQsIIhACGAFI4Mm_AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGeYAH_5O14QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCxDe0ZIBGKnCi8wB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTE2OTc0NzAzNzUzOTYwODCACgPICwGwE465qw_IE9SSt-AD0BMA2BMKiBQF2BQB0BUBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=ZB0NK_6Vreg&uach_m=[UACH]&cid=CAQSOwCsnQUxbAnoPBCX4S3r7fQNp4V8tcd9xfEcXW2gTw_Ce8iEb0uj1WjkVKAh68tPrdBYNu907u2RW-F7&vt=10
Requested by: Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E31 1 KB
749 B 27ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 14:00:52 GMT
etag: 48472445140208031
expires: Wed, 10 Aug 2022 14:00:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4E6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42015dc7fef97e9879d5e0a23e2f51f37048cbfb086c2503521676bd20f34302

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame AF8E 23 KB
9 KB 21ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 10:25:48 GMT
expires: Wed, 09 Aug 2023 10:25:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame B690 54 KB
21 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 16:29:42 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame E0FB 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 13:08:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E31
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJpjpeOaTr5Kj7-08j9ez2g&google_cver=1&google_push=AehlK4CH3HpsT38Yj0RoJ6G9S_7QgsFLjdbpZ7V0quuf5ug4WqMrYpVZ295XsniR5cnTTdK_5On7ZyC3YPaOSCU7NVPSIAPRQav1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8777A38186A04191B86273AAAC95C0ED&google_push=AehlK4CH3HpsT38Yj0RoJ6G9S_7QgsFLjdbpZ7V0quuf5ug4WqMrYpVZ295XsniR5cnTTdK_5On7ZyC3YPaOSCU...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8777A38186A04191B86273AAAC95C0ED&google_push=AehlK4CH3HpsT38Yj0RoJ6G9S_7QgsFLjdbpZ7V0quuf5ug4WqMrYpVZ295XsniR5cnTTdK_5On7ZyC3YPaOSCU7NVPSIAPRQav1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8777A38186A04191B86273AAAC95C0ED&google_push=AehlK4CH3HpsT38Yj0RoJ6G9S_7QgsFLjdbpZ7V0quuf5ug4WqMrYpVZ295XsniR5cnTTdK_5On7ZyC3YPaOSCU7NVPSIAPRQav1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 08 Aug 2022 17:36:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E31
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELmKl02at66gk0MLgVv6L30&google_cver=1&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUem...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELmKl02at66gk0MLgVv6L30&google_cver=1&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUem...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUemxcYKQFPoHqpn4WpnqJ&google_hm=

170 B
188 B

60ms
60ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUemxcYKQFPoHqpn4WpnqJ&google_hm=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Aug 2022 17:36:46 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ael6nNWLWK2qnz98npH5Q9LDR5Sm_9cC6Nay4WfF7Z87WndFRULf2diuIURw_gyBAtLMWkO8RUemxcYKQFPoHqpn4WpnqJ&google_hm=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E31
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKIfH6ma2AWs5lM6YWNJRPs&google_cver=1&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKIfH6ma2AWs5lM6YWNJRPs&google_cver=1&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QP...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6Sk3geMqN&google_hm=9wJW3r0sS2-vgV4O3shZlw==

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6Sk3geMqN&google_hm=9wJW3r0sS2-vgV4O3shZlw==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6Sk3geMqN&google_hm=9wJW3r0sS2-vgV4O3shZlw==
Date: Tue, 09 Aug 2022 17:36:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E31
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPIUegFkAb_DPAO818tsTmk&google_cver=1&google_push=AehlK4BxzDFD0oY9iGcxxsAi6LV9S2wIfObsX_4RH4uVgaFH46QGfoOmwkYCTojK69SsVpVQUKLhT1WBxf6oXsB...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PA56KrVTSV9PBxks1-Ki5JJGdW4&google_push=AehlK4BxzDFD0oY9iGcxxsAi6LV9S2wIfObsX_4RH4uVgaFH46QGfoOmwkYCTojK69SsVpVQUKLhT1WBxf6oXs...

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PA56KrVTSV9PBxks1-Ki5JJGdW4&google_push=AehlK4BxzDFD0oY9iGcxxsAi6LV9S2wIfObsX_4RH4uVgaFH46QGfoOmwkYCTojK69SsVpVQUKLhT1WBxf6oXsB531tInhj_iD8

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PA56KrVTSV9PBxks1-Ki5JJGdW4&google_push=AehlK4BxzDFD0oY9iGcxxsAi6LV9S2wIfObsX_4RH4uVgaFH46QGfoOmwkYCTojK69SsVpVQUKLhT1WBxf6oXsB531tInhj_iD8
Date: Tue, 09 Aug 2022 17:36:46 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E31
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHK67d2VcxRkDJ-7WjSpb8k&google_cver=1&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6t...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHK67d2VcxRkDJ-7WjSpb8k&google_cver=1&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6t...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6tEC7c8ei5Z9C&google_hm=FHkAsGZHUWIkjkV3QYG8eBZx

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6tEC7c8ei5Z9C&google_hm=FHkAsGZHUWIkjkV3QYG8eBZx

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D4dlnC84lJekg4KN12r_fFVm0F80ZPmQaQrbz3Fc5Zs3ulk8pSVu_kYUA562dvi18TIKzBJ4h6Yw7Bzsh6tEC7c8ei5Z9C&google_hm=FHkAsGZHUWIkjkV3QYG8eBZx
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E31
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC9FNTUyPvHDVpk9iBz_O6Y&google_cver=1&google_push=AehlK4CDMGdm2usk3a2OEwOIecoFcNJBGtkCtxpvfLp569JVeTubnjYyYe1Y5lbOGY2_qi7TbruexZwJ8CFBwdRk...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CDMGdm2usk3a2OEwOIecoFcNJBGtkCtxpvfLp569JVeTubnjYyYe1Y5lbOGY2_qi7TbruexZwJ8CFBwdRkgoaCVDzvWCaz

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CDMGdm2usk3a2OEwOIecoFcNJBGtkCtxpvfLp569JVeTubnjYyYe1Y5lbOGY2_qi7TbruexZwJ8CFBwdRkgoaCVDzvWCaz

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Aug 2022 17:36:46 GMT
via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CDMGdm2usk3a2OEwOIecoFcNJBGtkCtxpvfLp569JVeTubnjYyYe1Y5lbOGY2_qi7TbruexZwJ8CFBwdRkgoaCVDzvWCaz
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: rHUR1SGTbzVkWOvPM_jJUpQ8xdQAJEHOip5wEh5h9umc8nhVn8tZww==

GET
H2 204 exptsync
ads.yieldmo.com/ Frame 2E31 0
35 B 536ms
42ms Image
text/plain 54.74.12.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/exptsync?google_gid=CAESECDeMgYjisEIdpTRy_K2MXY&google_cver=1&google_push=AehlK4Bqaav6LmeYZOiB0JBvHU3qJenZy8_a34a9g6GFMgtKdCNTp8cVZ6jkSa5kRnZbRGuIa_eI6dkGAamWjOBxdnGkNyaZ516N
Requested by: Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.12.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-12-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:46 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E31 0
12 B 37ms
36ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqF7zZ41QOESMakrw9AGMq97B9j4h52N8Hu0eTvnkqF3fRW40_xgFx_EYjrpcFXRYDKG_X

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1964084963;ord=muvr2p;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fgo4kora.com%2F$0;... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame B690 48 KB
24 KB 290ms
55ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1964084963;ord=muvr2p;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fgo4kora.com%2F$0;xdt=1;crlt=AKYWd6985D;stc=1;chaa=1;sttr=71;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

aa4e3006caf9ca54ed5e56e4e0c819f6fcdbdadbe6ec0042a45100463ca88d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23793
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A478 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CEY3_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame AF8E 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 13:08:06 GMT

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame C4E6 16 KB
3 KB 77ms
77ms XHR
text/xml 159.89.0.197
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=15911784&cmp=184716&sid=18330&plc=6566075&adsrv=29&blk=1&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F1%2F184716%3B6566075%3B208%3Bxml%3BDV360%3BDemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360GilesAndCecilieTargeted15sVideoVASTDSKAudience16x9%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.0.197 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: be213363019b53420741106af1448a49a6283a6b3fb45515c440a63bb11b7320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:34 GMT
content-encoding: br
vary: origin, accept-encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: none
timing-allow-origin: https://vpaid.doubleverify.com
link: <//cdn.doubleverify.com>; rel=preconnect; pr=1.0, <//rtb0.doubleverify.com>; rel=preconnect; pr=1.0, <//tps.doubleverify.com>; rel=preconnect; pr=1.0, <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
expires: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C4E6 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 08:18:39 GMT

GET
H/1.1 200
OK consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame C4E6 7 KB
7 KB 36ms
35ms Image
image/png 184.51.8.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.8.61 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-8-61.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
Last-Modified: Thu, 06 May 2021 18:54:24 GMT
Server: Flashtalking (AKA)
ETag: W/"ea9218504eec09a337676178d9020356"
X-Varnish: 277043211 277296212
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 7281
Expires: Tue, 09 Aug 2022 17:56:46 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame C4E6 0
17 B 39ms
39ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l6mgskz9&c=5985420629524&slotId=2992710314762&qqid=CJbksoKmuvkCFa_Kuwgdva4CsQ&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&vmfc=8&vhc=0&ccc=0&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&umsem=0&met.4=atrd.16v~videopreviewvisible.16w&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame C4E6 48 KB
0 433ms
300ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: VKT84C4VM74YC572
X-HW: 1660066606.dop084.lo4.t,1660066606.cds079.lo4.shn,1660066606.dop084.lo4.t,1660066606.cds235.lo4.pr
Content-Range: bytes 0-1699852/1699853
Connection: Keep-Alive
Content-Length: 1699853
x-amz-id-2: 2aIV1GmUxXIfadLuFxVy8FrQMN3UEXWqi50gyn5HzJ63M5cehmHunvzNn7LN5nMwmXT1uNdXHl4=
Last-Modified: Wed, 01 Jun 2022 06:03:27 GMT
ETag: "d5843d17fc3e1b0ff2d86edeabdcb154"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

POST
H3 204 csi
csi.gstatic.com/ Frame C4E6 0
17 B 40ms
40ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l6mgsl75&c=5985420629524&slotId=2992710314762&qqid=CJbksoKmuvkCFa_Kuwgdva4CsQ&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvast.doubleverify.com%252Fv3%252Fvast%253F_media%253D3%2526ctx%253D15911784%2526cmp%253D184716%2526sid%253D18330%2526plc%253D6566075%2526adsrv%253D29%2526blk%253D1%2526_vast%253Dhttps%25253A%25252F%25252Fservedby.flashtalking.com%25252Fimp%25252F1%25252F184716%25253B6566075%25253B208%25253Bxml%25253BDV360%25253BDemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360GilesAndCecilieTargeted15sVideoVASTDSKAudience16x9%25252F%25253Fgdpr%25253D%252524%25257BGDPR%25257D%252526gdpr_consent%25253D%25257Bs1%25257D%252526us_privacy%25253D%25257Bs2%25257D%252526pbMethods%25253D%25257Bs3%25257D%25257C%25257Bs4%25257D%25257C%25257Bs5%25257D%252526cachebuster%25253D%25257Bs6%25257D%2526_s1%253D%2526_s2%253D%2524%257BUS_PRIVACY%257D%2526_s3%253D%255BPLAYBACKMETHODS%255D%2526_s4%253D%255BCONTINUOUSPLAY%255D%2526_s5%253D%255BTIMESINCEINTERACTION%255D%2526_s6%253D%255BCACHEBUSTER%255D%2526_api%253D%255BAPIFRAMEWORKS%255D%2526_ssm%253D%255BSERVERSIDE%255D%2526_tsm%253D%255BTIMESTAMP%255D%2526gdpr%253D%2526gdpr_consent%253D%2526_abm%253D%255BAPPBUNDLE%255D%2526_pum%253D%255BPAGEURL%255D&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0FB 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BwSanLZvyYrfgG9K6lgTMtqyoAQAAAAA4AeAEAg&bg=!u7iluPzNAAZGjrx1Zo47ACkAdvg8WhkmjlMRkfNrgni5pQGCjGlSsQRpJSwje2gKm_7nfnRUA8GXewIAAACrUgAAAAJoAQeZA2NB4m0ZWsbjBx37Qo0zgY7iLCgDBILLLFzULfsK8R6XWHAf_-VB-3MEM3-g4dJVCmEyB87Gmm2lnMKO9ZaUoUtk3b0FeN2_T85sWvwv4fr4aaY7g8qt-Foue_v1s6G16OJW68xGebEU1GOYaliRVZH9NzTpFyjIeMhyhaTMkIi33H0WDahjJfsLTB4t5Vr09RzcyBgB9WtB5peELPohXUpm8U9Rc5NLjvpiw_WKbtmysOcJIe2wLJsO6O9i7BA7YgyMkgyB5NtJ9eJjh-NTtyNwKrndkPKXvQHHgRhcvLLBS7DzIAwcGFdnJRz-66O9FjIKoJhOmMSh5nHTUS1COFeqxSAuYq9ldNG3JwjC4jjJlZdHOvSEigKR_-a3hCuO9vGWGtzqWBGmSwduEpuNqCDbXrzxggJAoyDx4TGQktdF5czfK0qB41_UUnZEXTsSEXSGO77D1q_5ri3K1XmFw-StvYV2a8wFq1Va4LG156EvnSnmmPumIU2_wjuJlXs5rBrsWBse0JY23RcgSQ7hPQ84rxiN8XJYjsZiAziFDzfiH4AoCGVDt-iILthdh38KQoF2vewzQxMmHedP4ZRuaK0awLvckTPOwgEWIexCPVSbbLAP8ju5MYQHRjSaEx-G8J4BUYQkomExKBR-dhjSxnqNSjmfifLWLRnQHKb5YOONiiJUs2Z_dmGavTIRgye2LruWjZadhkDuMBhaotVfyINAlMOOTuSeLmFWUosask5dXnMVuAtVwTffKcqTMFIgVcTsGP7vPDNKDwhni_HZtcwBk1AZIR_rs76-C-ubp8gS4Udpgs02nK3RWU6ZF_2neq9OK9UwOjOuWev9_6IQOtB4c8AtcYF3u3dn5q0q-V6_NXCanb1Zp-NJ-ph6KXPuJlEyfXGeqBSkImPouYaPd3luKzqf4kfil2rw7rQu0FbWllgh0JZ2LiAVuE6EL4N8tuIdPBTaBAZX0lUuYi51BotH49K__bO3JpjXIn-OV_PemoYdmfc_dIvZ7auTycvHMFWNRK0Eosku4_gVyN2THoN1bzQk0VWQ2SnQ0QaeP-tpHBJyNt-KwOHLzoE2Lu3p99Vl84mjHhI3wGx1K1DlEcyxDxTgJ8wBNOomaYrN-VaaByEVadOYFe5QxhQjRtdHaja4xx8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame EBD5 23 KB
9 KB 19ms
18ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 10:25:48 GMT
expires: Wed, 09 Aug 2023 10:25:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF8E 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B5GR4LZvyYrfcG8nRxwLnwbu4DAAAAAA4AeAEAg&bg=!CQqlCk7NAAZGjrx1Zo47ACkAdvg8WpZX55hmiwshfDhXNAu8qe9WUQOZbFPepLXoj7YN1S90ncfOwwIAAACcUgAAAAJoAQcKAHSIa9vOV_ICVnm3PgGzBU4f-GfvyjAnXK5f0sZetQ327P6ZV83RG28daIsL2NL9UQ6SKcQ98v2Bt6w4ZoPvLUXO0SPKTN0r4jsuTQsykVFNCKx-Ply8Xmm35lf-XRIfAvBtaOfbxbwHGNNQ7GsVIKjXfS3G-5kDI44ryG8E9ecDbqEie-h5Dsi08VZNmPgp96jYVJjkT53e0lkET_IkZOOJi7ax3t2q-_FupGjk1mYIPFMcjUtYRkM5XSa0aI3y4u9KuBCQ8y9EfypDG8LWuQApIYpk9dBjlwFFZAwB5xsWWIC-mCau4zSj3a3JZc_cXI2oh6IzyLwaha40ml5nP8rbB0mNtU_LVjCU_YRkMmeMyvfNRfEf8B6UmFpH-Y35Q2gaihwqES9hJgItYe37g7R9H7Sy0eK9pH71255lUYM-q7Cwu9u6pj8Lo8SXRaAag1UckDqwcz5hrJy8TRtJOjc7OKfKTDbgN3f-iOvra7UcW1HtsccXPt4r_XYXcjbkxSFocpWBrZ0YLMUZwVgGi4pn9u-p7kIpA07WQFDTdWFw89x4m42ryQLQc5Dt9Xdvj7qriV2a055-JDSgCevnTerH_aWQ8SeLcDB1380BNMpccBeS4SRNl-bFRvrohf4Ss7Sv6BkuUPgWd7zU5DOBtaJUciY_OtMEZPjXoXWnIARXvbPsKNjjSZwCYsmt-xL5MYOKYjkeibE-JkHRgdHMQu0NR8JSZb3-0HFZgKr92gFuaXScsUiu3xZSvr1OGCRl33x94oSY1JcpK1CW0m1OE0gg4W4BPXXyJv5z2wSCgDjTXWG7O67UylcIW4-rnF4FC82H4YIz_ukuKLEK8ZpS9JJgJD66PnVPb5ABCP74LOW1nwMeCCrOUQBwNezt5vvq-XDwqCzXw9zGFplMN_9tfl59_Q05INA_aTsnAWjqp8ObvN2BxT--rGOSxDAJEE9u1A9mnIeHHxTwQkSDdQBbgTG5NI_3nUHurB--OEpbnf3FY8tJ3kEffbS1pPbvWxst_QDMzlgIug599dSeIxQYizu1h-aWXA2s7g_mFbowdDJEvVj6cN4_MlrVFQH-9b2QikDQ-m70TKpugdVbmVTmckJlaPwYt8BjX2o1cQJnLeh4PbSx51l5TkMLihUMmOKTbhvjpnCOGqx0hneNCL5DhIkTM1QSc8KyisC09JUivmXsISJ_HIwnZ1QYHfdE4r9-UIrt9M6UEfS2tnyf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame EBD5 36 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 13:08:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame B690 8 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1964084963;ord=muvr2p;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fgo4kora.com%2F$0;xdt=1;crlt=AKYWd6985D;stc=1;chaa=1;sttr=71;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 17:36:00 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B690 0
575 B 408ms
250ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuNKvJHtuCebTL5zEqiRN26Iy-kPUtfwG6_ov-clth13d9kUhXNS99_8kmgx7GwuR5Rrn1AD0J0Plzhs110nJuhgPLAxk1_JyEaDg0aIQi4Mftet8vnF0QMHzj_rVa18m8-irZ8mpMCoMwLHRrFKDy9ESxVA&sig=Cg0ArKJSzPUrmZH6WrgSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220808.92536&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B690 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
H2 200 2692147425811226566
s0.2mdn.net/simgad/ Frame B690 90 KB
90 KB 179ms
21ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2692147425811226566?sqp=-oaymwENCNgFEFogAUhkUAFYAQ&rs=AOga4qmO8JbcaYUzEg4o03RwoaO-jqaeXw

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735fe25c0a387a7acbfb3dbe51ee6e4c2c3be4dcc9d9d11f3a0f9dc5c5f3bc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 20:23:10 GMT
x-content-type-options: nosniff
age: 76416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91708
x-xss-protection: 0
last-modified: Mon, 16 May 2022 16:38:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 20:23:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B690 140 KB
43 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
URL: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 17:36:46 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AE7D 0
17 B 39ms
38ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l6mgskfm&c=6137452394096&slotId=3068726197048&qqid=CM-zhYKmuvkCFfWZ_QcdQcUGMA&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&vmfc=8&vhc=0&ccc=0&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&umsem=0&met.4=atrd.1hf&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 9763 0
17 B 37ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l6mgskh1&c=6577407012490&slotId=3288703506245&qqid=CML7hYKmuvkCFbfuuwgdjSgOSQ&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&vmfc=8&vhc=0&ccc=0&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&umsem=0&met.4=atrd.1i9&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBD5 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B5KdLLpvyYp7xBtKt-waF5ofgDgAAAAA4AeAEAg&bg=!_f6l_rrNAAZGjrx1Zo47ACkAdvg8Wtq5DHJk2CQ_qxkijbFpcmMLeUNVWe7Mb_7wAXFPOl-OiMixUQIAAACOUgAAAAJoAQeZAyoLgED90E6xpqqrfIrTO3ZbLztZTvw750xcVCxYlOHdSNO3WoFQNc3RMMZKVKupL4wdzcckgQ7k-T3TXEeJROOHs6eWHkS2hY4IQSIw7ea7sUaPexEdxcEQ0HU73rL48C_v45uDdt8s98BhYFCtqGeeiII6N-G16drHV_H4VWEh6-oMsLnswWal42TzCTiIhQdNwKBCrWwfVgsewYFR8CAMLYqIj2Ohwb6hgYX2p8tcoNm119V_VjFwZk6zD6OfbwGxDoetfbqUUm2EIzoR0aI9krjPQFHfY6VL9eKYWfgxtjtqy7h4JTh5LneSypNBV_g4RH08gLh0UG-N1eVHsFbw2woeAvvZ00g9Gi24lYhCEbCrNgxnvC7UpVR2WzcHpnpUzG1UtZtqWOFHZcWtsAcYP_3_SNCtZI4FKxSni54kPDQkI0i3HotriBLIJCXh5UPY8ITNdiIfqfPze5387jC-mUJQhLoDpcIXX49BPTuPRRDRTRBp-d8Zii9t03SPA8L3U7hM5pwbMSez_W17ZeGTFyUtAI_eeYc8f4EmtvQaOy_91sf405G8BUmOhx8XLLyWPAi777SStpr_sISAAQK604vDYpm0zb06quowKFN5TGQ1KWr4unw6DvHd5qLKgW7kr_JmYLF-A_LwSvjmMmTfg2bD9ZySY4SsH8nJbGG240lZLbt404Zpm3znE4XgP5FFXzsMheOLQ3SynsMzwpn44BfIy3az2g_wPxJIUoT2Vo6AEqsPLc8aTBiFJ5wlprJM-V4KBrpTYZr_QiVcTwN1OcaoLuQoTTIzMWnPhjhYmgYED2aKzdDShPuyAnpLiQqHxACsj_Sf0M_1MDxlSssNoibmFzVRKpsQzpL9rT3lUn_WxIw-a_FrXeoW8CDZ6DhAE54zwN9w_PwMBA65g3fhs1EbJHZCli6pUtia1JPLncR3QpMkXIqZyId-uUzb2vPFGM1E66szXDhC1w_ThT-dsudPZCWvVYl17IEg0q7Wm2QGWEDwfEncjtwlIYz7vn2jaHMjKf8Uu1o9AVI5XVL54HYfQ47H8SSjV4hXH8mZoFNSIbBCi7FSsnk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2362 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 436241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B690 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ba20255e38b40de942a1275feddd429beb277b1eb53e53a60250516dc605799

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 2362 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:08:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 13:08:06 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B690 0
63 B 215ms
215ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-Chibu-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame 9763 45 KB
45 KB 96ms
35ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-Chibu-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2b6d3ba6e2efa196258f88899c3c58db35d0ddd1877d1fe4d4eb6cc7c0ec5138

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=1638400-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: CA4YSMDSRDBV01NK
X-HW: 1660066606.dop243.lo4.shc,1660066606.dop243.lo4.t,1660066606.cds295.lo4.c
Content-Range: bytes 1638400-1684131/1684132
Connection: Keep-Alive
Content-Length: 45732
x-amz-id-2: WZ3PTDTDePAlZ+N18VLLtqTrxWfnSuFA5XANvVibODRh54sGxPM28UOiKnwUms+PyNHJ1PeQjSQ=
Last-Modified: Wed, 01 Jun 2022 06:03:01 GMT
ETag: "dc6e160509cfeec68948f7d0155af3de"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-Chantal-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame AE7D 39 KB
39 KB 137ms
32ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-Chantal-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 74892463bbc381d3f399cafabb9d4cd4529afaea1f2e41dfb02747f0af7820ae

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=1638400-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: 03ZR7EBTXP7FBYEB
X-HW: 1660066606.dop085.lo4.shc,1660066606.dop085.lo4.t,1660066606.cds089.lo4.c
Content-Range: bytes 1638400-1677838/1677839
Connection: Keep-Alive
Content-Length: 39439
x-amz-id-2: qTcZa6YLTYg4Js9/5ifEQJ0+WGs11IyZU00le3Sa7661FV6xUdgQPnBmt8NS9DNqGnem/SmJug4=
Last-Modified: Wed, 01 Jun 2022 06:02:12 GMT
ETag: "c5ad5eb103de18483dfb4a71e3e0ab13"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080401&jk=3768919082520376&bg=!dXaldjLNAAZGjrx1Zo47ACkAdvg8Ws1wg1C79zzpQne7qDeGO3ugJX3iHDL0DM1kt7pERmCQRTHU0wIAAAEmUgAAAANoAQcKABik2dOspi3EDwbqMYzvpvA2Z9Tf8l4ILwqZAvEHgslAl_U0Rp4QUoVAt15h8SxqwuVeyONGaRg0Q1GVZQZgBZ1oB4H3Od9_EsKrfradSqmh2N4-M4KvNcw6Xr4m_SYR5IXWXwFxK2FHPE-InL9sKhaoguigHf1MXNR1lg79eTnoPdKQtX5yfWPetUlYoLWX0U6aoTU5f9E6yoHBADe5gMkITm3id3uvaf19d4LoI78mMIfYpw6DMfHzvjB6_F-bvZiBU5GyWQPB-pVU7Sm1PaO3GEhzgy7JP98NH5RirkwR5Hn-WuWfRwIW78vtNZISdEa8DZcapJU3SkWG9g2wkmHZ_x383zzBHUV9zdy5d386YA-tHRAmRQJmaxvs5zin2cKQPRIVHWhEIppivetN0r3A5NJD3MaDA7MHC5_J5hDG7Dkp1EOe7_cO0CVotKvMbc2bm-A1blipfaC1nSh2cf80EC8YElz0hKqdYuvhsSjdffqLStVErzrP_gv0JYa4QvZeKkW_FYBZ5ryYX7dlpQ6Sq7Nqd7zMFXGH-3ebrdnO2kmTRt3-Ly3K_IqpLbWtzDU0H1RSGOJMyGHlH9HFn9cYrbOOxIJupd_mw7aCcbnz0Mz8i-KKY6TB1pDujQRRyWqZ9ySD4zdcHQsawd2Y017nil9xy6QsGWXPhtQs-vJzdNOUzY7rG3QxpKuBY8vkEOhM3FCVZUyWxqDIsdSHt1fiR-bT2VnvFlkQdFfa-6GqnTSIQUJ_ZZkqQeaRSV09Hqg4xDw9pf_WfZuaHgE-4DQoUkZAArM8AZw4Lf7bMO5MVZ3MfjvQbgAj06BPhY5Ih5LS39S0CAbvY57KmyBOAieEEZotD5ApR6wLSbT5RlSj0VNPanj9cvBgLsGFJnNtMNjlqv4ft7OuDSB8CQutOGpdqd6FPe2lA1JMNnDxJzZr2fMf-S7I3gmA7ovQnvftjb17s0M5OPa-eEVV3mt1PVVBHhjFTgaxOZh3OAMTbOJXNp0v85HDjBXDeAjVzPuhS9miqeCN_29GU4-G7sY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame C4E6 28 KB
29 KB 135ms
59ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6df40165a37b0015758e58a5713dd5d1e138a085f9f56edc9efee220c5e3c723

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=1671168-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: VKT84C4VM74YC572
X-HW: 1660066606.dop030.lo4.shc,1660066606.dop030.lo4.t,1660066606.cds235.lo4.c
Content-Range: bytes 1671168-1699852/1699853
Connection: Keep-Alive
Content-Length: 28685
x-amz-id-2: 2aIV1GmUxXIfadLuFxVy8FrQMN3UEXWqi50gyn5HzJ63M5cehmHunvzNn7LN5nMwmXT1uNdXHl4=
Last-Modified: Wed, 01 Jun 2022 06:03:27 GMT
ETag: "d5843d17fc3e1b0ff2d86edeabdcb154"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2362 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpV0mLpvyYpGjGNSN9u8PgZ2rwAcAAAAAOAHgBAI&bg=!-_il-LzNAAZGjrx1Zo47ACkAdvg8WqRCSxpHjNk831TZx4wXEcAEHMLnAJWm2A6Yb-qDJ7SDLF5hugIAAABeUgAAAAJoAQeZAxWi9Agn1D-61XdM34pviaU9XoERlKi5_tJ7ciYVasWS8GGV6JfhKEks1UoUm4CCIeUEuCHRP8zZZvH-OFZm6LorR_orfTyzSNPNBg1TQtICOUaI2BlOEvOMHlAYJc9crYHBjQMZRwCqxc47Q8E8GhkiRasUruJ1w3kHWXCB4289ynRCHoGu8mGCOI6c7A6eGN0bSvt5TrrxR0NJ_GoIqgfCja-mgD8ayfEV2ov3DPkWGdleeQ1SQRMOP8OC9itW7hgViYob-9eNInLVGZQz6HlvhSlPrV6Pxk_U59pbhuaV-y7vmGSRSOd2Gk6DKLp6kxKyqiK4rmmjd4F-fyhh4Uk7-okFMdZPgg-hQRma8GIozvWNpfr4zMO_XKfZOgzuSaWLNLVrVgB8zezxqPHSAiiN7dCSVDpjaEAztyivhwv0LcWDUsxnq3vGYH8MXkbQSl90-YigMMV42RJxjTUp7ctBe7LNhTsyX5ikVKAU_yKwZx1fXicqR8bqOPXwFajKcUpXeu-VOrllOjqfJ_81JDH1HsQYFYircRqnyb8fkKAocaVTyBKLUrULdO_oX_0wzxZ5kfiAMqHiRS63a4OPN4pg914WEO1phT7msOeA9eynsEvRFiLzB8lF4uA94dSbsH82EhqaTv9GrFn9btMpd1i8VvX1yDyDpFBXrzUr2FdMI70v5rtTDdbW0garPRAgmCEH7zgS4I-NKkE08HTllU_wKAQTSwqdiwqmX-YPxitE7yIMgp2vhrG8gvax6gQkj2I0hXGI3qhveWh8YVle6FIfHrnHCT34PzJlNfeORuZEH0UmxlaR8Oif7eha7bVY9p2-37JKHqibv5SfgDmI1s-gtD4-dOaIhTiEEdmZkm6i6tGZrpkSA30X-9OzFmQGAk9u5X-SbOPf587LHRGKv8P2rYpMCRuQ9R32kYWvoAo5KgOhvn-m9erGqr-MO3oSwAExI6hnFhTza1WMWk8BvhkinjaiLd86JtZs5LBW94VA5WJT8xzac1_8u44bG677eWmJiasJ2DZZ8LiafSnJ_wbr5OexMko

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-Chibu-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame 9763 2 MB
0 32ms
32ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-Chibu-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: CA4YSMDSRDBV01NK
X-HW: 1660066606.dop243.lo4.shc,1660066606.dop243.lo4.t,1660066606.cds295.lo4.c
Content-Range: bytes 32768-1684131/1684132
Connection: Keep-Alive
Content-Length: 1651364
x-amz-id-2: WZ3PTDTDePAlZ+N18VLLtqTrxWfnSuFA5XANvVibODRh54sGxPM28UOiKnwUms+PyNHJ1PeQjSQ=
Last-Modified: Wed, 01 Jun 2022 06:03:01 GMT
ETag: "dc6e160509cfeec68948f7d0155af3de"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-Chantal-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame AE7D 2 MB
0 31ms
31ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-Chantal-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 09 Aug 2022 17:36:46 GMT
x-amz-request-id: 03ZR7EBTXP7FBYEB
X-HW: 1660066606.dop085.lo4.shc,1660066606.dop085.lo4.t,1660066606.cds089.lo4.c
Content-Range: bytes 32768-1677838/1677839
Connection: Keep-Alive
Content-Length: 1645071
x-amz-id-2: qTcZa6YLTYg4Js9/5ifEQJ0+WGs11IyZU00le3Sa7661FV6xUdgQPnBmt8NS9DNqGnem/SmJug4=
Last-Modified: Wed, 01 Jun 2022 06:02:12 GMT
ETag: "c5ad5eb103de18483dfb4a71e3e0ab13"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=30
Accept-Ranges: bytes

GET
H/1.1 206
Partial Content DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame C4E6 2 MB
0 49ms
49ms Media
video/mp4 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 09 Aug 2022 17:36:47 GMT
x-amz-request-id: VKT84C4VM74YC572
X-HW: 1660066606.dop030.lo4.shc,1660066606.dop030.lo4.t,1660066607.cds235.lo4.c
Content-Range: bytes 32768-1699852/1699853
Connection: Keep-Alive
Content-Length: 1667085
x-amz-id-2: 2aIV1GmUxXIfadLuFxVy8FrQMN3UEXWqi50gyn5HzJ63M5cehmHunvzNn7LN5nMwmXT1uNdXHl4=
Last-Modified: Wed, 01 Jun 2022 06:03:27 GMT
ETag: "d5843d17fc3e1b0ff2d86edeabdcb154"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=29
Accept-Ranges: bytes

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/6566075;3934948;0;271;C88102AB-DC73-A73C-1385-7900DB805BDF/ Frame C4E6 42 B
420 B 242ms
45ms Image
image/gif 209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/state/6566075;3934948;0;271;C88102AB-DC73-A73C-1385-7900DB805BDF/?ft_data=[PLAYBACKMETHODS]|[CONTINUOUSPLAY]|[TIMESINCEINTERACTION]&cachebuster=1374479993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app13.lhr11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:47 GMT
Server: prod-xre-app13.lhr11
X-HW: 1660066607.dop239.lo4.t,1660066607.cds236.lo4.shn,1660066607.dop239.lo4.t,1660066607.cds290.lo4.sc,1660066607.cds290.lo4.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame C4E6 0
67 B 275ms
47ms Image
text/plain 35.176.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?14300;184716;6566075;3934948;0;13;C88102AB-DC73-A73C-1385-7900DB805BDF;5334FC57ECF6EB;1374479993
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.214.99 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-214-99.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:47 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 204
No Content event.png
tpsc-video-eu.doubleverify.com/ Frame C4E6 0
138 B 287ms
29ms Image
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/event.png?vstevt=0&dup=6080c950-bff8-4e2e-a6bb-5309d10f4cfe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:45 GMT
Cache-Control: max-age=0
Expires: 08/08/2022 17:36:47

GET
H2 200 dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame C4E6 42 B
107 B 223ms
61ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15019%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1660066604314;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C4E6 42 B
64 B 58ms
53ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTc1CLZvyYtaZBa-V7_UPvd2KiAuioMuwap6A5J3tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE4gFP0K58nxE5lJ2T21cRSLQ-zpShKy63xrpqJjjcFpnFkWqqg2SNoRDjpBem6lLpNl5bERE-EQRT-XgyjNO_DHnpKIam9uCl1jzup4Y0iyd1-niFQKTI5DrJHUfy4qlmy0WxRAw3sHvO3cggXfKWEljNGNadktZ41e2h4_hP6e3nkR12ltkBECgopf6A8Vq9ypnBAUOtuKdRTYSIzskhjh3_Ea483-p1KZliyGAz63x7piSFzYz8nEqAQFFEjJz3hnWagXRgpwiIL03V3CmrQ0UiRBAYMddrqONnenbs3f31vBiFwAT18uqJ_wPgBAOQBgGgBnmAB_-TteECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDyAsB4AsBgAwBsBOOuasP0BMA2BMKiBQF2BQB0BUB-BYBgBcB&sigh=QPrRL7gc2A8&label=part2viewed&ad_mt=6&acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15019%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1660066604314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

3934948.gif
cdn.flashtalking.com/xre/656/6566075/3934948/image/ Frame C4E6
Redirect Chain

https://servedby.flashtalking.com/imp/1/184716;6566075;201;gifimpid;DV360;DemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360GilesAndCecilieTargeted15sVideoVASTDSKAudience16x9/?ft_...
https://cdn.flashtalking.com/xre/656/6566075/3934948/image/3934948.gif

42 B
741 B

117ms
37ms

Image
image/gif

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/656/6566075/3934948/image/3934948.gif
Protocol: HTTP/1.1
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:47 GMT
Content-Encoding: gzip
x-amz-request-id: Q4GYXDM5S0AQK6V8
X-HW: 1660066607.dop209.lo4.shc,1660066607.dop209.lo4.t,1660066607.cds225.lo4.c
Connection: Keep-Alive
Content-Length: 53
x-amz-id-2: WgQrOvkwMadebUaUrUZD4L++j6ydePogzuJC+U4VQUI4tY0qoziulRSg7SQ+HNPO4DzWZjnH3fU=
Last-Modified: Wed, 01 Jun 2022 06:03:06 GMT
ETag: W/"d89746888da2d9510b64a9f031eaecd5"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=475
Accept-Ranges: bytes

Redirect headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:47 GMT
Server: prod-xre-app3.lhr11
Access-Control-Allow-Origin: *
X-HW: 1660066607.dop238.lo4.t,1660066607.cds041.lo4.shn,1660066607.dop238.lo4.t,1660066607.cds245.lo4.sc,1660066607.cds245.lo4.p
Location: https://cdn.flashtalking.com/xre/656/6566075/3934948/image/3934948.gif
Cache-Control: no-cache, no-store
Connection: close
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 img.png
d9.flashtalking.com/img/ Frame C4E6 70 B
484 B 397ms
40ms Image
image/png 52.49.231.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?D9r.DeviceID=true&D9v.CampID=3175&D9v.CCampID=184716&D9v.ImpID=C88102AB-DC73-A73C-1385-7900DB805BDF&D9c=ftVideo&D9c.placementId=6566075&D9c.creativeId=3934948&D9c.confId=0&D9c.privacy=t&D9v.gdpr=FT_GDPR&D9v.gdpr_consent=&D9v.us_privacy=!!US_PRIVACY!&cb=1374479993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.231.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-231-213.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash: f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 17:36:47 GMT
Server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/png
Content-Length: 70

GET
H/1.1 204
No Content visit.jpg
tpsc-video-eu.doubleverify.com/ Frame C4E6 0
138 B 301ms
41ms Image
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/visit.jpg?vstevt=2&tagtype=video&ctx=15911784&cmp=184716&sid=18330&plc=6566075&adsrv=29&crt=6566075-3934948-0&dup=6080c950-bff8-4e2e-a6bb-5309d10f4cfe&dvtagver=dvot_0.8.122_389cd3a&vad=15000&dvp_zjsver=0.21.17&dvp_psfts=1660066594119&dvp_psfst=ack&vstvr=2.0-i&dvp_blk=1&app=-1&essd=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:46 GMT
Cache-Control: max-age=0
Expires: 08/08/2022 17:36:47

GET
H2 204 /
vtrk.doubleverify.com/ Frame C4E6 0
167 B 327ms
44ms Image
text/plain 34.253.123.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&ec=vast&cid=6080c950-bff8-4e2e-a6bb-5309d10f4cfe&el=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F1%2F184716%3B6566075%3B208%3Bxml%3BDV360%3BDemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360GilesAndCecilieTargeted15sVideoVASTDSKAudience16x9%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pbMethods%3D%5BPLAYBACKMETHODS%5D%7C%5BCONTINUOUSPLAY%5D%7C%5BTIMESINCEINTERACTION%5D%26cachebuster%3D%5BCACHEBUSTER%5D&ea=impression&cm114=1&cm115=47&cd101=vast&cd102=src&cd111=inline&cd112=unwrapped&cd117=2&cd170=29&cd182=vpaid-transformer%400.21.17&cd188=fra1&cd189=droplet&cd190=15911784&cd191=184716&cd192=18330&cd193=6566075&cd195=1&cd196=3&cd141=%5BAPIFRAMEWORKS%5D&cd142=2022-08-09T17%3A36%3A44.327Z&cd143=2022-08-09T17%3A36%3A44.327Z&z=64363674
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.123.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-123-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Aug 2022 17:36:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C4E6 0
27 B 158ms
69ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyY-fpgeLcwU4zpnoYotx-9D2ej6PlMMmLx_A8rH1Vm12UmYfAnKRmHIbUUCat_3HY-CCnJSUr52w2GBXnf7u54zr_TW58kKeDqSrXPFFRK0wqlGsYSJIVc9OorwaxnUqLuTpCBgP2lK2TWl9xSRGavwcqd3i7rAgvsh-MaCNewOl39TpmpGIMncTHWcM4_rkEUXtdCSWtKFf-w-QlcrFkhfUTXZNP_gtdLfg4rIpMMDHTdT-kXnHlunK69vNzqrXXqZMzUF8vasXW2iJFg6tbxk7ftrp46BP_7uN01wPHridlNZkgeb_-Q385o_STInBfFZ69oDtUtlw07zZV_yb7PFB63mAbLSM2h9brHg2BDGRcqylIPSgvg0qJ0XAKKnA7uHd_oAxCo2Zm3hwq8cdShA5rV5wOBtQ6oL2XiEfN_aX_HgizPzhQdiePorw8Y3ORUNaKCdHoLZ-zMlni_2ZH-uFE3qaLJuRIrjhWX8FT6sm__i42Bk_b-KmWMLyWQdk73fPJaJXgI1GTCeSLKcMGL60XRsmuJIu8jvjkrSlkmYMQeL023i5NMfla9coDZc2lcrUGEQ3848tF9ZOX83H9VF-xbsOBlX9YBIiixkPMemtIRi0vVjUR52bQEm4wnllaR-2-GiQT-2vY9mb5x_5DXh3V2htGGribK30c5TkTaNpUXm9FNUgSvVICryxftak0ZHswsnnal8ca3aFJNYAJ4F5PAkEjE280XMbaeiy30J6kHWLzNYNpPlDn1C8LKs0fuFbDLSiT30kaEZP5oMDWO1g69_Up_aITMWomaUso0xzlKXfBYys-C5_rlsSsXRrRCGPE4Wk-OwYaLNChZPJC8_oM2jiuB7VoGeZg5c3KZOtQ-TeWZvTY9ryLSV4m8qmzw1jY9JHCwkWcXfyHUTfAeqF-7vakk9cbXO06YKA1k9Y3E1I6IPcazplc019x7znTEANs-lJb0uL8S0uIHGFt--6SST8cGmU8L4qb2oUt03SQtitl5iNYrTqDt5Nix6Cs92zrxFBWB8y4tDzYS18i36IB5skADYKti2u36eaaxrqU5yTvVsN6AVhsrc08O2Gx19X_RPYpAgFVOnaCKnKdE69goULqbSfYHEz4c579dH8tN6YbHyVApfaqK8NIUTxojtb8Kz9AfAr7Z9lq_Vshbf8lHTd_y9vScTqCIu6HgGes550jHmUlzsG9AYrMHnmyInwoEA&sai=AMfl-YQAxPSPxlnumckPVOLB5FX8nVypxBuyTBnVBKsfuu5Q6WbnfGrFtFvAMlulTHeh4e7MOVFh9-PRgqxRLIDoMmvBMTLY1kIXKdoGtQE8cAMWciwsJ9aDUlh4OihRXKKJE4K3VMbLGAAwYdXR_SluE6CEkvD8mJI6PWhXxemUZ8VsQeJII22O8z8laG1B1xG3trFGAmFuAOhSF-jtP3x3wA&sig=Cg0ArKJSzNzkgAFWaUGdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 09 Aug 2022 17:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame C4E6 0
0 45ms
41ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGKnCi8wBIAEwAQ&v=APEucNUlne3RCv9RlbADXztwo1_ZkABRXQDIYKt1r_NseHmT5NOeLKcVhT42ae3boiSHCyCeY3n8nB14P_5MieZRzfEzIAU0Yg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4E6 0
20 B 53ms
50ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos...
ade.googlesyndication.com/ddm/activity/ Frame C4E6 42 B
494 B 220ms
61ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15019%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1660066604314;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C4E6 42 B
64 B 58ms
55ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWk1fKZzfHy87x4gJr5x0NNdGPlldqJGAvFU2ln1KoR9n89YaPxXdMA3luZaZZ0OmnoXvJPRFCSvS9i4iUCN3Rd1RhK-PTj_BScKiQzD2kCe_CecxXXqgcuSmMb0MYbUs&sai=AMfl-YQkf6UhWvDKDXpL-P1iv8aweg1W48cR9FWVklx345ZQVcUUo2dFS9oAq1oXOIzpDucReqOXSXvSaj3Uab0XXFFx8cP_x5lbMRnKimZsPb4KXkQOB5EAKrDm-Xc&sig=Cg0ArKJSzMkesqAMN1j3EAE&cid=CAASJORobyuiDkuBHCLzVTr77T56Zb9ikfZ1AR2JUoXebQReoYCwag&id=lidarv&acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15019%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1660066604314&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C4E6 42 B
64 B 58ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTc1CLZvyYtaZBa-V7_UPvd2KiAuioMuwap6A5J3tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE4gFP0K58nxE5lJ2T21cRSLQ-zpShKy63xrpqJjjcFpnFkWqqg2SNoRDjpBem6lLpNl5bERE-EQRT-XgyjNO_DHnpKIam9uCl1jzup4Y0iyd1-niFQKTI5DrJHUfy4qlmy0WxRAw3sHvO3cggXfKWEljNGNadktZ41e2h4_hP6e3nkR12ltkBECgopf6A8Vq9ypnBAUOtuKdRTYSIzskhjh3_Ea483-p1KZliyGAz63x7piSFzYz8nEqAQFFEjJz3hnWagXRgpwiIL03V3CmrQ0UiRBAYMddrqONnenbs3f31vBiFwAT18uqJ_wPgBAOQBgGgBnmAB_-TteECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDyAsB4AsBgAwBsBOOuasP0BMA2BMKiBQF2BQB0BUB-BYBgBcB&sigh=QPrRL7gc2A8&label=vast_creativeview&ad_mt=6&acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15019%26vmtime%3D5%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1660066604314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame C4E6 0
17 B 38ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l6mgsl7b&c=5985420629524&slotId=2992710314762&qqid=CJbksoKmuvkCFa_Kuwgdva4CsQ&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_play&asset_bytes=196212&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1r4~videopreviewstarted.1r7
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B690 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHqUVKSzgnMElEI_QXM544A1ZQ9WLdXsN8UdoYJh5nlti_P_2BDx7HOawqc-m-IeSyxehiVfLQekt-AeMWcjkqeNvxlli0&sig=Cg0ArKJSzH-H7u79Mt3zEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1964084963&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660066601920&rpt=2105&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B690 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3CzX3XjDYH2Tg6NTzrk5z-XRNyW4Ru4qkhxwmtcsMCT-WLIGfpy3-RUGzugAXgFa5BH-bHZkGDV5skPiRhD29Id7MGrY4Mh1ncGOFOd3uJ363Y8WvDBTPG_KAWZRxAcpc&sai=AMfl-YRH72sQ10jOxrgcrBppXPIKH4asp__d1AiGIq1bGs9E18eIw5N_70Xx5wqmjyAVYiQmi28NyzGZAA4C5yIGzf7RP_IY7wsbt642lIgz2-xlOoPgfQ0Y30I8kmTABRY&sig=Cg0ArKJSzCqMsS056IQxEAE&cid=CAASJ-Ro2im-0HiwnyTLDr13pGnvUb28Fn1rM2YG1IV46KFCxTJPhWGMnA&id=lidar2&mcvt=1002&p=1110,436,1204,1164&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=2825964077&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660066601920&rpt=2099&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 65ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5QKX54JRFP&gtm=2oe880&_p=1683728348&cid=1717641412.1660066600&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660066600&sct=1&seg=1&dl=https%3A%2F%2Fgo4kora.com%2F&dr=https%3A%2F%2Fgo4kora.com%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QKX54JRFP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,575,1023%26tos%3D2005,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame C4E6 42 B
63 B 97ms
55ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,575,1023%26tos%3D2005,0,0,0,0%26mtos%3D2005,2005,2005,2005,2005%26amtos%3D0,0,0,0,0%26mcvt%3D2005%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2168%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D15019%26vmtime%3D2175%26dtos%3D2005%26dtoss%3D1%26dvs%3D2005%26dfvs%3D2005%26dvpt%3D2168%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,2005,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.3%26t%3D1660066604314;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C4E6 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWk1fKZzfHy87x4gJr5x0NNdGPlldqJGAvFU2ln1KoR9n89YaPxXdMA3luZaZZ0OmnoXvJPRFCSvS9i4iUCN3Rd1RhK-PTj_BScKiQzD2kCe_CecxXXqgcuSmMb0MYbUs&sai=AMfl-YQkf6UhWvDKDXpL-P1iv8aweg1W48cR9FWVklx345ZQVcUUo2dFS9oAq1oXOIzpDucReqOXSXvSaj3Uab0XXFFx8cP_x5lbMRnKimZsPb4KXkQOB5EAKrDm-Xc&sig=Cg0ArKJSzMkesqAMN1j3EAE&cid=CAASJORobyuiDkuBHCLzVTr77T56Zb9ikfZ1AR2JUoXebQReoYCwag&id=lidarv&acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,575,1023%26tos%3D2005,0,0,0,0%26mtos%3D2005,2005,2005,2005,2005%26amtos%3D0,0,0,0,0%26mcvt%3D2005%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2168%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D15019%26vmtime%3D2175%26dtos%3D2005%26dtoss%3D1%26dvs%3D2005%26dfvs%3D2005%26dvpt%3D2168%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,2005,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.3%26t%3D1660066604314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame C4E6 0
66 B 41ms
40ms Image
text/plain 35.176.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?14300;184716;6566075;3934948;0;14;C88102AB-DC73-A73C-1385-7900DB805BDF;5334FC57ECF6EB;1374479993
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.214.99 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-214-99.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:36:50 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 204
No Content event.png
tpsc-video-eu.doubleverify.com/ Frame C4E6 0
138 B 29ms
28ms Image
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/event.png?vstevt=4&dup=6080c950-bff8-4e2e-a6bb-5309d10f4cfe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 17:36:50 GMT
Cache-Control: max-age=0
Expires: 08/08/2022 17:36:51

GET
H3 200 dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,575,1023%26tos%3D3749,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame C4E6 42 B
63 B 54ms
53ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInsDxgqa6-QIV0tbeCh0F8wHsEAAYACDx8qtSQhMIluSygqa6-QIVr8q7CB29rgKx;met=1;acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,575,1023%26tos%3D3749,0,0,0,0%26mtos%3D3749,3749,3749,3749,3749%26amtos%3D0,0,0,0,0%26mcvt%3D3749%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3912%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D202%26dur%3D15019%26vmtime%3D3921%26dtos%3D1744%26dtoss%3D2%26dvs%3D1744%26dfvs%3D1744%26dvpt%3D1744%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3749,3749,3749,3749,3749%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,3749,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.3%26t%3D1660066604314;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C4E6 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTc1CLZvyYtaZBa-V7_UPvd2KiAuioMuwap6A5J3tD5bRyM_gARABIJWbyiFgleKQgqAHyAEFqAMByAObBKoE4gFP0K58nxE5lJ2T21cRSLQ-zpShKy63xrpqJjjcFpnFkWqqg2SNoRDjpBem6lLpNl5bERE-EQRT-XgyjNO_DHnpKIam9uCl1jzup4Y0iyd1-niFQKTI5DrJHUfy4qlmy0WxRAw3sHvO3cggXfKWEljNGNadktZ41e2h4_hP6e3nkR12ltkBECgopf6A8Vq9ypnBAUOtuKdRTYSIzskhjh3_Ea483-p1KZliyGAz63x7piSFzYz8nEqAQFFEjJz3hnWagXRgpwiIL03V3CmrQ0UiRBAYMddrqONnenbs3f31vBiFwAT18uqJ_wPgBAOQBgGgBnmAB_-TteECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDyAsB4AsBgAwBsBOOuasP0BMA2BMKiBQF2BQB0BUB-BYBgBcB&sigh=QPrRL7gc2A8&label=videoplaytime25&ad_mt=3922&acvw=sv%3D929%26v%3D20220801%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,575,1023%26tos%3D3749,0,0,0,0%26mtos%3D3749,3749,3749,3749,3749%26amtos%3D0,0,0,0,0%26mcvt%3D3749%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3912%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D202%26dur%3D15019%26vmtime%3D3921%26dtos%3D1744%26dtoss%3D2%26dvs%3D1744%26dfvs%3D1744%26dvpt%3D1744%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3749,3749,3749,3749,3749%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D570421943%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,ssmol%3A1%26ssb%3D0,0,0,0,0,0,0,3749,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.3%26t%3D1660066604314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 17:36:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js

Domain: live.demand.supply
URL: https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1529650920&t=pageview&_s=1&dl=https%3A%2F%2Fgo4kora.com%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1400849547&gjid=763997003&cid=1717641412.1660066600&tid=UA-117897648-1&_gid=1227886710.1660066600&_r=1&gtm=2ou880&z=1099274028

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5QKX54JRFP&gtm=2oe880&_p=1529650920&cid=1717641412.1660066600&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660066600&sct=1&seg=0&dl=https%3A%2F%2Fgo4kora.com%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&en=page_view&_fv=1&_ss=1

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5QKX54JRFP&gtm=2oe880&_p=1529650920&cid=1717641412.1660066600&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1660066600&sct=1&seg=0&dl=https%3A%2F%2Fgo4kora.com%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&en=scroll&epn.percent_scrolled=90&_et=6

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve57WiosepOjPJd_sGdBjPXgWI0mFcHSG0koUrnPMIA5--fiOOivd3q0McHD1iyg6jQ1oI0wNF7_8CjLW1MTkkIQiPHBjPkF-7O6a0TJp9vnetjjdtgw8ruNpsccxknXcOMIL2sgI6urfPuWsq-TgRiN0yFimCY8fykXN0Bl_yVXdCSZsiRbcIsx6UqQO2egngoSDXJnZf46UaUllFqzmZVlpMwXck87LKQqPDEvTSI-kMrDhx-IJ6HXXJHLKIqQMh_4cw7RAP9_1_glfHO6uAZ97Ajm1zEWp0ELyb5W8O2aZO9_94KySpYB1nIZkVoHYBgiLoDJMTvjcCQRsX8EZYwJ8ohywI8x8tQKHAeH03ChbYPneXL8eKqH8kqqIYZshFhe-U&sai=AMfl-YT1AquapnZWFc16nFuhwgmlDNN_YZRsjGrLJfGNNqKjLy5SnDaMd5M9hUGWDfca1NilkxhCaJ1MRFYuopxdhi7Abq_Qm9LlDtqcLkEebCZF1aA5m2iUOilVsk2KQ1l9TC8&sig=Cg0ArKJSzCsMguaF5DEcEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuatRtOmSnsmtntnyGr44cci4Jf5x2z4DbW66jOOUuk7DptPZZS-FdIEy5LKmUv43MY6301YPtT8HVx2REbBLPyumS71WvKNxyGNXNBl1uq2yUZeqeNXrGnCF5dAW-F5EJzkns-Px-2e531X_H2ahX6vH-bISFjY8VzLfZYToBe37Rxeke_A6h3Gt16X7NHDl0ZMAVxUtxgIjftaCpiuWITVZIhu6oUTgP4-YWIQgo5Ue-x9rOPqm661rm16_Mk-ed7Y0PbA0bm5DxOSGihLQc21pSBovo-pvFGODC7ie2Ij8n79QMKh-a7t-DViQXYe9b4iMjs09bRgBW2VJfxL4q42IdEdWT-_1VC1X3Ud-2c10DgKNZ6R8FmRzZfhukea8pp079s&sai=AMfl-YT_8ro7B7eiuu2XuiXSvsLnFdgUki_I1xk4Vkl4cHEXDg0VuyPCvO2pbV-JQDyI4skN0wWN1gzBb-TtwAeFNMAJpdgk-LALRvueKrbF_mbmywscmfniQM41_N78sy0uzg&sig=Cg0ArKJSzPpYnkNQDJw3EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go4kora.com/	1970-01-20 05:07:53	Name: ci_ses_ Value: 2f50bhjeplb788d4rjhna8i7hbrcn0dv
go4kora.com/	1969-12-31 23:59:59	Name: offset Value: 0
live.demand.supply/	1970-01-20 14:43:46	Name: demandSupplyTi Value: 5553379c-9d39-4e51-aef5-4f8f4341a98f
.go4kora.com/	1970-01-20 05:09:13	Name: _gid Value: GA1.2.1227886710.1660066600
.go4kora.com/	1970-01-20 05:07:46	Name: _gat_gtag_UA_117897648_1 Value: 1
.go4kora.com/	1970-01-20 14:43:46	Name: _ga_5QKX54JRFP Value: GS1.1.1660066600.1.1.1660066600.0
.go4kora.com/	1970-01-20 14:43:46	Name: _ga Value: GA1.1.1717641412.1660066600
go4kora.com/	1970-01-20 05:50:58	Name: _pbjs_userid_consent_data Value: 3524755945110770
.go4kora.com/	1970-01-20 05:07:48	Name: __cf_bm Value: m.6SFYMHgQEfWNjvuQoaFx5S_aSexzoBiUlvHLr01MU-1660066603-0-AQXHTjfHo0w1Eadk5qnvXtAFvc86yTwGzxFgqvo17mlfpYPGVe/2gDJyCI1JuS98le8K7nKGhcvEyp7YCOYs18+faF5z/B0RPVSXbGqtZJrdBl4cX6ml7kt9SzFmST25og==
.go4kora.com/	1970-01-20 13:53:22	Name: _pubcid Value: 71947e44-4617-4526-944c-08ddfc4182ce
.adnxs.com/	1970-01-20 07:17:22	Name: uuid2 Value: 6498469751815969603
.adnxs.com/	1970-01-20 07:17:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?hh):qe!]tbPl1M>e)ZlrFUfJ+tGXxpCL%7rSLA?vbaDK:Q<sBW$[*!EE]5-K.Zq%iq3If)y3KL9D3I?+CYH@K'
.doubleclick.net/	1970-01-20 14:29:22	Name: IDE Value: AHWqTUnvqBIB2--2Hm8sR6PzOdUfwgAMTK2QDBXFfkYOqi7sOc0eszY4OOU2YPg2oFo
.casalemedia.com/	1970-01-20 07:17:22	Name: CMPS Value: 1175
.casalemedia.com/	1970-01-20 13:53:22	Name: CMID Value: YvKbLTYQNMBr.g8yYJZT9gAA
.casalemedia.com/	1970-01-20 07:17:22	Name: CMTS Value: 1136
.casalemedia.com/	1970-01-20 07:17:22	Name: CMPRO Value: 1175
.doubleclick.net/	1970-01-20 05:07:50	Name: DSID Value: NO_DATA
.go4kora.com/	1970-01-20 14:29:22	Name: __gads Value: ID=5c8ad1c970fee913:T=1660066604:S=ALNI_Mbxijz9LsNKg5zmLAPT9ZDmkRfeow
.lijit.com/	1970-01-20 13:53:22	Name: ljt_reader Value: FHkAsGZHUWIkjkV3QYG8eBZx
.simpli.fi/	1970-01-20 13:54:49	Name: suid Value: 8777A38186A04191B86273AAAC95C0ED
.bidswitch.net/	1970-01-20 13:53:22	Name: tuuid Value: f70256de-bd2c-4b6f-af81-5e0edec85997
.bidswitch.net/	1970-01-20 13:53:22	Name: c Value: 1660066606
.bidswitch.net/	1970-01-20 13:53:22	Name: tuuid_lu Value: 1660066606
.bidswitch.net/	1970-01-20 05:07:46	Name: google_push Value: AehlK4AFoeQLa2E0LMGNJ3ThVHnOqJMJ45KgZ2DkoWbiYT1FJNbQ6ePCYZ8iBSJOKXiqnRaFl6VntdWl4qa2QPe-0Xb6Sk3geMqN
sync.srv.stackadapt.com/	1970-01-20 13:53:22	Name: sa-user-id Value: s%3A0-3c0e7a2a-b553-495f-4f07-192cd7e2a2e4.bBeONUC%2F58Kc8Wrv6LXNXKBsprLc7JYabhd1T5OnbkU
.srv.stackadapt.com/	1970-01-20 13:53:22	Name: sa-user-id-v2 Value: s%3APA56KrVTSV9PBxks1-Ki5JJGdW4.vGcu%2Fi0IDNhg6l4c9NXl1%2BaQ6J3X6Bb%2FQ3sCc7Xy%2FQ4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a6703e36bc3a23da8fa2e11ae0bfee3.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad-events.flashtalking.com
ad.doubleclick.net
ade.googlesyndication.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.eu1.dyntrk.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.flashtalking.com
cdn.id5-sync.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csi.gstatic.com
d9.flashtalking.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
go4kora.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
player.adtelligent.com
player.aplhb.adipolo.com
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-frc.doubleverify.com
s.ad.smaato.net
s0.2mdn.net
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
tpsc-video-eu.doubleverify.com
um.simpli.fi
vast.doubleverify.com
vtrk.doubleverify.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
c.amazon-adsystem.com
jscdn.greeter.me
live.demand.supply
region1.google-analytics.com
securepubads.g.doubleclick.net
www.google-analytics.com
www.googletagservices.com
104.18.18.126
141.95.98.67
142.250.184.194
142.250.185.230
142.250.185.98
159.122.14.34
159.89.0.197
162.19.138.118
162.19.80.92
172.217.16.130
172.217.16.194
18.66.23.213
184.51.8.61
2001:4860:4802:32::3
2001:4860:4802:34::178
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1b
205.185.216.10
209.197.3.19
213.254.244.26
216.52.2.19
2600:9000:206e:c200:1b:5138:8a40:93a1
2606:4700:10::ac43:266a
2606:4700:3033::6815:125b
2606:4700::6810:8616
2606:4700::6812:bcf
2a00:1450:4001:800::2006
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:26f0:f700:2a3::4469
2a03:2880:f007:8:face:b00c:0:1
2a0c:5c81:5142::2
3.125.77.13
3.228.99.19
34.253.123.4
35.176.214.99
37.252.172.249
45.133.44.3
45.133.44.4
52.49.231.213
52.95.126.138
54.74.12.230
64.233.167.155
005ed6344f7f734e86edad64325620de9d815dc45e59a2dc0ee94f2118376c49
035b3ad7acbe6346dc58f62dd9f4b5e9d19e7b9e53ba79c1c02413d1fec791ff
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0a73ad77324185bb7095d2897f074fb080621063a489ccf689ad93870d79c15e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf412d0de999b7d9e226055f1952e322f404e2571454cb722855253fdbaaa3d
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18b5d6db36aafbc4d353dc2838a78108f28a29eba4ea7b57367ffc334b8d91ea
1c5594dab17becf2a34b8e73ea303617d9bc9a43e1b0a195485c98ba3e3c6c89
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1dd433708cb7ca53a7ac9c6b88da2081520d809dd296b45cd54eaac443a12923
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e12ddb6fc625e5f233e0e7a8bb77158eda1e8d3b458c9a0c2e5cefea100cc2e
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
243f9298fdf5ae6543d77968111398d390d9adf0115d11d0f2f1692695088176
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
294020b8f2b233aeef595d667a355d73afdae7a3bfbffac45f5ba155609474ba
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6d3ba6e2efa196258f88899c3c58db35d0ddd1877d1fe4d4eb6cc7c0ec5138
2db6f197eee163bea53c66d338b49105218a6e4cf99b2f21b46d4983bea81956
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
308fbe00ee08322186222944225e8d7e6cf7b2a0b8809e89dc01b879a530dc54
3112131c6a9e1dd6ed030ec2b08570c5d9f0341e064a86f2721641b624632736
3248ee869707a5daa6002c3f333a0156e4932ac6fc39e961e7aa0dcad5050502
3436cf40c70cb77cb3e36d1a14a8bf9eb6b16da35520e75678c69c738ee75baa
35697d74383d976566f50c4ea14e4fb2fa04efa4c25ae33584da0921341339fb
384f1076cf595f437c5dcc4075ed9aa516a6b440216d0720241091954c5b9b41
3a983fe15e3e7ca34e624f71f34a2d5a879ecfc05a1542b8128f04c11ffe9492
3d02c7e391ac291410c6cd5c665b612e3293226ca94e2003cf2045299cd62faf
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
413a2c072b0ce357aaf4ab7362ece7a78095bfe54826a3fad15449664f498d86
41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9
42015dc7fef97e9879d5e0a23e2f51f37048cbfb086c2503521676bd20f34302
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47effef349d2218144c2822eb0ac9eafdf6a62d520f72708c83ffb0b0e31f1d7
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b4ce67e3789c449932caf465be29efff3ce6c50e5d4bc5d743b7d41032f7b52
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
500721be4e20c81e26aa296758cb73ddc1fa6812d8c6aa7c24172140716a5a93
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
57089689126b47c8e42e684357e6eac97e7638084be7ecd7fae638abd5dbf7a6
5b0c868e05a8b05c5653a259a40647d60b3cfea7ed14903beaf1298d72e519fa
5f0599bf03c1e5534ac220bbfeab3aa6d4edbd53bee71a907e208584388b6a99
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663c9b9be1fae766b50858e1ac11f67d14d4921f41d2b294f8d485979b080f9b
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6898a0f542f6b250432efe271ac4f26126f96b75f0b3e89e64cc849380b83da7
6c00f268685b8a576d1307fab673f36330a258b36d1d4afb50232c01ca2a388f
6da051b1bdeb813cbafe4bba826b9aa9b01447fedc36f3d3d424396979933d37
6df40165a37b0015758e58a5713dd5d1e138a085f9f56edc9efee220c5e3c723
6ed20cb52595f6abbc5bdd2c52fa323c05120aeee11dfd9ad8401883bd7b4909
72ffd1ed4d0213d436bf9578b7145be98caac4116d36298554952b5e4789f82d
735fe25c0a387a7acbfb3dbe51ee6e4c2c3be4dcc9d9d11f3a0f9dc5c5f3bc96
74892463bbc381d3f399cafabb9d4cd4529afaea1f2e41dfb02747f0af7820ae
7523783dc7856f98f9a0b0bdb24e4c40ad62903e944a318e19c9051bff551fc2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bc3cf1a3eb53c028ac402b21eac28ca119a040c5b0bdc1ea52aca11985eca99
80853d72189c751312b7656869e6dcb721765e8328a9fb5a02f738145cc05792
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850cf8562f66555daa36c5ff91f568e643f7be3cf5bbc48e68796e4cd8102223
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ba20255e38b40de942a1275feddd429beb277b1eb53e53a60250516dc605799
921c5d109ce57de3e7ea7a8373d1711028f8d20a485d280f96937d60144b1c81
9221909d9686d5e918ad9dcc0922aeae68e439454afdbcb4f458c37c83d4b8c0
9546c19f08970e5abddaa0b7ef13805b4106bd2eb1f9f87e946b6c83ce0ba7e0
99294cc249766f0b8548a062c772edca61b47c282cbee1649992fb99ab193410
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4ab5350e492c2fe26e5c5ed3836cbc6037ad92db3184176115f428e8444a24
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a08c600ee8a9c327dff5b3618845a0e8c1a4b01d8f65c29ccaaafbad2b73d656
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44527e65d978002df9191e57425be7a304243811ec4f02625871b6b9df3ffbe
a47b00a3edc66ea6232ec60639b7b46eef15e6b8ee62360b236aa35ce3ae2a9c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8300b8873caadfd69f574c1f754ecba4e6a0f171cbe8f4e5853a601c05f5c07
aa4e3006caf9ca54ed5e56e4e0c819f6fcdbdadbe6ec0042a45100463ca88d1a
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ad82495e6b8d6035f8d303377775259563f5b603b680726c318ce85f17230d39
ae645f5f80a8b9fbb9b5e3254782c4323ecc6abb0a437b59207ad0c887f3da53
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
b0165c9846c32fe3e6a8db3dcd5123506e661f5a732fcafe6319705b0686603a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
b9e7d34ce1371dca3666efaa9b79de53408b449e6043e1fdd8080f1af7f37d76
ba9e7964446abcfe0f2c48e32f8774f465e0d814135e785c7cd2dcd784679c74
bb23442d9aab508270460d7521347631932bb67c903292ada4092e1e1e8c4494
bd49bd84686e9053000eb4d61dff40dc7c5b6bee3b7a31dc66150e408caab988
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be1a9703d742d9e1ca36a740c33fcc122d01a0e5cba8328d1e140c1aee3f8d81
be213363019b53420741106af1448a49a6283a6b3fb45515c440a63bb11b7320
bedafae3621e003754e213eafe5569c5fecc409906d14d64939caf54be012b5e
c03041233fafecb399ae66c43ec04a384c69b4fd40958f08b8ac2a41d066c982
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2a3c0f537dfe0624f744865c7011d740098c3a8f8f0228bb9ca687a1a3aa737
c8976c4d485889d1e1c65ec9ec2514803b631984fba0d484f0e7668f4f7b5dd6
c9b2a12125a892485cf2b062432ee7939d67791de2a2e86afe7094eb44db202d
ca64723ef7c779fc9f11641414aa03cac5aecfe79cfdc2b540f9b148b809a857
cbbfdeab8e09ee88521302ac05fc92c17d92480a483b8403fcc56aeeb13a07bd
cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db
cf5a8e941aa56ad9761c413dc420f345f12303793229e1f59f317676ddf34fda
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898
d0879b3d53303a13607f3a5646aee077553c2ae33b80bd06fdf2a04432800fa3
d2145070a8525d28e5c6e41f9502578728f6d98c9b302a508b8f1705b6e33015
d30f547f8f24b06d0af53229918a5f6dc34597adcca6126e7c4fe5da3f6ac9de
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
d6ec88cb99386e11f744da0dd9ea7bbbf4d42e9d0efc1cb3ccdaa5903bba9944
d824de74a1aec724cac63514adebf10537f6d64d9edb386aa667bff6843a35cc
d99713b02640cb27d9383e169dd458541c14e3393f9a54dee187d34f96e1d5aa
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de89ffc427cf841090cc0c886e87bd001b06d12f17db332bcd98bd8666b1ae4a
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e2161790304578add0b3f6b09c8c0f9fde6ac3343d69570696e67c67dad0587c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
e5abe48dcdb90c0c378a336d003d62ef57a8e3dd457b14f1f91376a63b6ca6e1
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e87849f221bbdc16a325dca3a1474301c20b365d2a27dce81ffe6ef2beb7eb44
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
ea043c9b1b53c6ddb9afe4bdd8d9838b54fe54435d9f6ea140ebe80478264b2d
ec15f98604211de09a04020860148a98124296e8ce00c461f5fded4eb0ff9d47
ecd56e64112e511a27b22a8b96133e4fcfc5d7d31900e726e454ba5b9883f574
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f377617539fc9498b7c81e50ba9dbc082b0817b499afb35041d7a114c247e5d3
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f1c274749e30de85a7f0dc448b2097577dbf443299da69994b70a644095b7a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ffb05de96c39e8b9abc8240508277f386923b5752636a4749204df8c7dc596
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fb46460f84c8690f59438bdbeb1615047601d3c18536dc67e9a178353bdac626
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
ff0677672f113b5be04b41117f504b9fe2deb4b20c9f8b91af009b84f22e3077

go4kora.com Open in urlscan Pro 2606:4700:3033::6815:125b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

319 Requests

93 %HTTPS

48 %IPv6

33 Domains

57 Subdomains

49 IPs

8 Countries

5927 kBTransfer

15318 kBSize

27 Cookies

6 Outgoing links

Page URL History

Redirected requests

319 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go4kora.com Open in urlscan Pro
2606:4700:3033::6815:125b Public Scan

Screenshot
Live screenshot

Full Image

319
Requests

93 %
HTTPS

48 %
IPv6

33
Domains

57
Subdomains

49
IPs

8
Countries

5927 kB
Transfer

15318 kB
Size

27
Cookies

319 HTTP transactions
4 data transactions